Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GeoIP custom endpoint cacert, Update geoip.asciidoc #105908

Merged
merged 1 commit into from
Mar 5, 2024
Merged

GeoIP custom endpoint cacert, Update geoip.asciidoc #105908

merged 1 commit into from
Mar 5, 2024

Conversation

predogma
Copy link
Contributor

@predogma predogma commented Mar 4, 2024

The GeoIP endpoint does not use the xpack http client. The GeoIP downloader uses the JDKs builtin cacerts.

If customer is using custom https endpoint they need to provide the cacert in the jdk, whether our jdk bundled in or their jdk. Otherwise they will see something like

...PKiX path building failed: sun.security.provier.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target...
  • Have you signed the contributor license agreement?
  • Have you followed the contributor guidelines?
  • If submitting code, have you built your formula locally prior to submission with gradle check?
  • If submitting code, is your pull request against main? Unless there is a good reason otherwise, we prefer pull requests against main and will backport as needed.
  • If submitting code, have you checked that your submission is for an OS and architecture that we support?
  • If you are submitting this code for a class then read our policy for that.

@predogma
Update geoip.asciidoc
9a63f35 
The GeoIP endpoint does not use the xpack http client. The GeoIP downloader uses the JDKs builtin cacerts.

If customer is using custom https endpoint they need to provide the cacert in the jdk, whether our jdk bundled in or their jdk. Otherwise they will see something like
```
...PKiX path building failed: sun.security.provier.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target...
```
@predogma predogma added >docs General docs changes Team:Docs Meta label for docs team v8.11.0 v8.12.0 v8.13.0 labels Mar 4, 2024
@predogma predogma mentioned this pull request Mar 4, 2024
Closed
@github-actions GitHub Actions
Copy link

github-actions bot commented Mar 4, 2024

Documentation preview:

@elasticsearchmachine
Copy link
Collaborator

@predogma please enable the option "Allow edits and access to secrets by maintainers" on your PR. For more information, see the documentation.

@elasticsearchmachine elasticsearchmachine added v8.14.0 external-contributor Pull request authored by a developer outside the Elasticsearch team labels Mar 4, 2024
@elasticsearchmachine
Copy link
Collaborator

Pinging @elastic/es-docs (Team:Docs)

@predogma predogma removed the external-contributor Pull request authored by a developer outside the Elasticsearch team label Mar 4, 2024
@leemthompo leemthompo added the auto-backport-and-merge Automatically create backport pull requests and merge when ready label Mar 4, 2024
leemthompo
leemthompo approved these changes Mar 4, 2024
View reviewed changes
Copy link
Contributor

@leemthompo leemthompo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Thanks for reworking to target main 🥇

@leemthompo leemthompo merged commit 30828a5 into main Mar 5, 2024
7 checks passed
@leemthompo leemthompo deleted the predogma-patch-2 branch March 5, 2024 10:26
@elasticsearchmachine
Copy link
Collaborator

💔 Backport failed

You can use sqren/backport to manually backport by running backport --upstream elastic/elasticsearch --pr 105908

@leemthompo leemthompo mentioned this pull request Mar 5, 2024
Merged
leemthompo pushed a commit to leemthompo/elasticsearch that referenced this pull request Mar 5, 2024
@predogma
Update geoip.asciidoc (elastic#105908)
662e5ed 
The GeoIP endpoint does not use the xpack http client. The GeoIP downloader uses the JDKs builtin cacerts.

If customer is using custom https endpoint they need to provide the cacert in the jdk, whether our jdk bundled in or their jdk. Otherwise they will see something like
```
...PKiX path building failed: sun.security.provier.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target...
```

(cherry picked from commit 30828a5)
This was referenced Mar 5, 2024
Merged
Merged
@leemthompo
Copy link
Contributor

💚 All backports created successfully

Status Branch Result
8.13
8.12
8.11

Questions ?

Please refer to the Backport tool documentation

leemthompo pushed a commit to leemthompo/elasticsearch that referenced this pull request Mar 5, 2024
@predogma
Update geoip.asciidoc (elastic#105908)
662e175 
The GeoIP endpoint does not use the xpack http client. The GeoIP downloader uses the JDKs builtin cacerts.

If customer is using custom https endpoint they need to provide the cacert in the jdk, whether our jdk bundled in or their jdk. Otherwise they will see something like
```
...PKiX path building failed: sun.security.provier.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target...
```

(cherry picked from commit 30828a5)
leemthompo pushed a commit to leemthompo/elasticsearch that referenced this pull request Mar 5, 2024
@predogma
Update geoip.asciidoc (elastic#105908)
439a9fd 
The GeoIP endpoint does not use the xpack http client. The GeoIP downloader uses the JDKs builtin cacerts.

If customer is using custom https endpoint they need to provide the cacert in the jdk, whether our jdk bundled in or their jdk. Otherwise they will see something like
```
...PKiX path building failed: sun.security.provier.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target...
```

(cherry picked from commit 30828a5)
leemthompo added a commit that referenced this pull request Mar 5, 2024
@leemthompo @predogma
Update geoip.asciidoc (#105908) (#105948)
e96800a 
The GeoIP endpoint does not use the xpack http client. The GeoIP downloader uses the JDKs builtin cacerts.

If customer is using custom https endpoint they need to provide the cacert in the jdk, whether our jdk bundled in or their jdk. Otherwise they will see something like
```
...PKiX path building failed: sun.security.provier.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target...
```

(cherry picked from commit 30828a5)

Co-authored-by: Jennie Soria <predogma@users.noreply.github.com>
leemthompo added a commit that referenced this pull request Mar 5, 2024
@leemthompo @predogma
Update geoip.asciidoc (#105908) (#105947)
1758cc0 
The GeoIP endpoint does not use the xpack http client. The GeoIP downloader uses the JDKs builtin cacerts.

If customer is using custom https endpoint they need to provide the cacert in the jdk, whether our jdk bundled in or their jdk. Otherwise they will see something like
```
...PKiX path building failed: sun.security.provier.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target...
```

(cherry picked from commit 30828a5)

Co-authored-by: Jennie Soria <predogma@users.noreply.github.com>
leemthompo added a commit that referenced this pull request Mar 5, 2024
@leemthompo @predogma
Update geoip.asciidoc (#105908) (#105946)
abfc8e0 
The GeoIP endpoint does not use the xpack http client. The GeoIP downloader uses the JDKs builtin cacerts.

If customer is using custom https endpoint they need to provide the cacert in the jdk, whether our jdk bundled in or their jdk. Otherwise they will see something like
```
...PKiX path building failed: sun.security.provier.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target...
```

(cherry picked from commit 30828a5)

Co-authored-by: Jennie Soria <predogma@users.noreply.github.com>
jedrazb pushed a commit to jedrazb/elasticsearch that referenced this pull request Mar 6, 2024
@predogma @jedrazb
Update geoip.asciidoc (elastic#105908)
8775d3f 
The GeoIP endpoint does not use the xpack http client. The GeoIP downloader uses the JDKs builtin cacerts.

If customer is using custom https endpoint they need to provide the cacert in the jdk, whether our jdk bundled in or their jdk. Otherwise they will see something like
```
...PKiX path building failed: sun.security.provier.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target...
```
fang-xing-esql pushed a commit to fang-xing-esql/Elasticsearch that referenced this pull request Mar 8, 2024
@predogma @fang-xing-esql
Update geoip.asciidoc (elastic#105908)
de95fe5 
The GeoIP endpoint does not use the xpack http client. The GeoIP downloader uses the JDKs builtin cacerts.

If customer is using custom https endpoint they need to provide the cacert in the jdk, whether our jdk bundled in or their jdk. Otherwise they will see something like
```
...PKiX path building failed: sun.security.provier.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target...
```
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@leemthompo leemthompo leemthompo approved these changes

Assignees
No one assigned
Labels
auto-backport-and-merge Automatically create backport pull requests and merge when ready backport pending >docs General docs changes Team:Docs Meta label for docs team v8.11.0 v8.12.0 v8.13.0 v8.14.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@predogma @elasticsearchmachine @leemthompo