Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Reload secure settings with password #43197

Open
wants to merge 10 commits into
base: feature-pwd-protected-keystore
from

Conversation

Projects
None yet
3 participants
@jkakavas
Copy link
Contributor

commented Jun 13, 2019

This change adds support for passing a password in the call to the reload_secure_settings API. Transport and TransportService now expose methods to indicate if the Transport implementation used is configured for TLS.

A call to the reload_secure_settings with a password is allowed:

  • When run against the local node ( single node cluster, or specifically targeting the local cluster via _local filter or nodeId) regardless of the TLS configuration in the transport layer
  • When run for more nodes than the local one (some or all cluster) iff TLS is enabled in the transport layer.

jkakavas added some commits Jun 13, 2019

Allow password in reload secure settings API
If a password is not set, we assume an empty string to be
compatible with previous behavior.
Only allow the reload to be broadcast to other nodes if TLS is
enabled for the transport layer.
@elasticmachine

This comment has been minimized.

Copy link
Collaborator

commented Jun 13, 2019

jkakavas added some commits Jun 13, 2019

@jkakavas

This comment has been minimized.

Copy link
Contributor Author

commented Jun 14, 2019

jkakavas added some commits Jun 26, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.