Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enforce presence of Certificate Authorities, Certificate file and Key when using LoadTLSServerConfig #12355

Merged
merged 10 commits into from
May 30, 2019
Merged

Enforce presence of Certificate Authorities, Certificate file and Key when using LoadTLSServerConfig #12355

merged 10 commits into from
May 30, 2019

Conversation

ph
Copy link
Contributor

@ph ph commented May 29, 2019

When TLS is enabled for a Server we enforce CA, Certificate and the private key to make sure that the communication is correctly encrypted.

@ph ph requested a review from a team as a code owner May 29, 2019 20:49
@ph ph added the Metricbeat Metricbeat label May 29, 2019
@ph ph requested review from andrewkroh and tsg May 29, 2019 20:54
andrewkroh
andrewkroh reviewed May 29, 2019
View reviewed changes
Copy link
Member

@andrewkroh andrewkroh left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This lines up with my expectations as a user. When requiring TLS client authentication the user should have to specify what CA's are trusted. But what if client_auth: none is used?

CHANGELOG.next.asciidoc Outdated Show resolved Hide resolved
libbeat/common/transport/tlscommon/server_config.go Outdated Show resolved Hide resolved
ph and others added 4 commits May 29, 2019 17:18
andrewkroh
andrewkroh approved these changes May 29, 2019
View reviewed changes
CHANGELOG.next.asciidoc Outdated Show resolved Hide resolved
libbeat/common/transport/tlscommon/server_config.go Outdated Show resolved Hide resolved
@ph
Copy link
Contributor Author

ph commented May 30, 2019

jenkins test this please

@ph ph merged commit 8589309 into elastic:master May 30, 2019
ph added a commit to ph/beats that referenced this pull request May 30, 2019
@ph
Enforce presence of Certificate Authorities, Certificate file and Key…
ef86ed9 
… when using LoadTLSServerConfig (elastic#12355)

* Enforce presence of Certificate Authorities, Certificate file and Key
when using LoadTLSServerConfig


(cherry picked from commit 8589309)
@ph ph mentioned this pull request May 30, 2019
Merged
@ph ph added the v6.8.1 label May 30, 2019
ph added a commit to ph/beats that referenced this pull request May 30, 2019
@ph
Enforce presence of Certificate Authorities, Certificate file and Key…
bce9137 
… when using LoadTLSServerConfig (elastic#12355)

* Enforce presence of Certificate Authorities, Certificate file and Key
when using LoadTLSServerConfig


(cherry picked from commit 8589309)
@ph ph mentioned this pull request May 30, 2019
Merged
@ph ph added the v7.0.2 label May 30, 2019
ph added a commit to ph/beats that referenced this pull request May 30, 2019
@ph
Enforce presence of Certificate Authorities, Certificate file and Key…
feb9558 
… when using LoadTLSServerConfig (elastic#12355)

* Enforce presence of Certificate Authorities, Certificate file and Key
when using LoadTLSServerConfig


(cherry picked from commit 8589309)
@ph ph mentioned this pull request May 30, 2019
Merged
@ph ph added the v7.1.2 label May 30, 2019
ph added a commit to ph/beats that referenced this pull request May 30, 2019
@ph
Enforce presence of Certificate Authorities, Certificate file and Key…
ecd9b51 
… when using LoadTLSServerConfig (elastic#12355)

* Enforce presence of Certificate Authorities, Certificate file and Key
when using LoadTLSServerConfig


(cherry picked from commit 8589309)
@ph ph mentioned this pull request May 30, 2019
Merged
@ph ph added the v7.2.0 label May 30, 2019
ph added a commit that referenced this pull request May 30, 2019
@ph
Cherry-pick #12355 to 6.8: Enforce presence of Certificate Authoritie…
1886e8e 
…s, Certificate file and Key when using LoadTLSServerConfig (#12362)

* Enforce presence of Certificate Authorities, Certificate file and Key
when using LoadTLSServerConfig


(cherry picked from commit 8589309)
ph added a commit that referenced this pull request May 30, 2019
@ph
Cherry-pick #12355 to 7.0: Enforce presence of Certificate Authoritie…
debc457 
…s, Certificate file and Key when using LoadTLSServerConfig (#12363)

* Enforce presence of Certificate Authorities, Certificate file and Key
when using LoadTLSServerConfig


(cherry picked from commit 8589309)
ph added a commit that referenced this pull request May 30, 2019
@ph
Cherry-pick #12355 to 7.1: Enforce presence of Certificate Authoritie…
e9717b6 
…s, Certificate file and Key when using LoadTLSServerConfig (#12364)

* Enforce presence of Certificate Authorities, Certificate file and Key
when using LoadTLSServerConfig


(cherry picked from commit 8589309)
ph added a commit that referenced this pull request May 30, 2019
@ph
Cherry-pick #12355 to 7.2: Enforce presence of Certificate Authoritie…
0a4fa5f 
…s, Certificate file and Key when using LoadTLSServerConfig (#12365)

* Enforce presence of Certificate Authorities, Certificate file and Key
when using LoadTLSServerConfig


(cherry picked from commit 8589309)
@ph ph mentioned this pull request Jun 3, 2019
Closed
ph added a commit to ph/beats that referenced this pull request Jun 3, 2019
@ph
Revert "Cherry-pick elastic#12355 to 6.8: Enforce presence of Certifi…
3f1b5d5 
…cate Authorities, Certificate file and Key when using LoadTLSServerConfig (elastic#12362)"

This reverts commit 1886e8e.
ph added a commit to ph/beats that referenced this pull request Jun 3, 2019
@ph
Revert "Cherry-pick elastic#12355 to 7.0: Enforce presence of Certifi…
696f0b1 
…cate Authorities, Certificate file and Key when using LoadTLSServerConfig (elastic#12363)"

This reverts commit debc457.
ph added a commit to ph/beats that referenced this pull request Jun 3, 2019
@ph
Revert "Cherry-pick elastic#12355 to 7.1: Enforce presence of Certifi…
f07b6df 
…cate Authorities, Certificate file and Key when using LoadTLSServerConfig (elastic#12364)"

This reverts commit e9717b6.
ph added a commit to ph/beats that referenced this pull request Jun 4, 2019
@ph
Revert "Cherry-pick elastic#12355 to 7.2: Enforce presence of Certifi…
e86d8f3 
…cate Authorities, Certificate file and Key when using LoadTLSServerConfig (elastic#12365)"

This reverts commit 0a4fa5f.
ph added a commit that referenced this pull request Jun 4, 2019
@ph
Revert "Cherry-pick #12355 to 7.2: Enforce presence of Certificate Au…
7e60126 
…thorities, Certificate file and Key when using LoadTLSServerConfig (#12365)" (#12420)

This reverts commit 0a4fa5f.
ph added a commit that referenced this pull request Jun 4, 2019
@ph
Revert "Cherry-pick #12355 to 7.1: Enforce presence of Certificate Au…
3e74e59 
…thorities, Certificate file and Key when using LoadTLSServerConfig (#12364)" (#12398)

This reverts commit e9717b6.
ph added a commit that referenced this pull request Jun 4, 2019
@ph
Revert "Cherry-pick #12355 to 7.0: Enforce presence of Certificate Au…
58d4bff 
…thorities, Certificate file and Key when using LoadTLSServerConfig (#12363)" (#12396)

This reverts commit debc457.
ph added a commit that referenced this pull request Jun 4, 2019
@ph
Revert "Cherry-pick #12355 to 6.8: Enforce presence of Certificate Au…
ef97bb6 
…thorities, Certificate file and Key when using LoadTLSServerConfig (#12362)" (#12395)

This reverts commit 1886e8e.
ph added a commit to ph/beats that referenced this pull request Jun 5, 2019
@ph
Revert "Enforce presence of Certificate Authorities, Certificate file…
202f065 
… and Key when using LoadTLSServerConfig (elastic#12355)"

This reverts commit 8589309.
@ph ph mentioned this pull request Jun 5, 2019
Merged
ph added a commit that referenced this pull request Jun 5, 2019
@ph
Revert "Enforce presence of Certificate Authorities, Certificate file…
caeb65c 
… and Key when using LoadTLSServerConfig (#12355)" (#12441)

This reverts commit 8589309.
andrewvc pushed a commit to andrewvc/beats that referenced this pull request Jun 12, 2019
@ph @andrewvc
Revert "Enforce presence of Certificate Authorities, Certificate file…
1f00ab3 
… and Key when using LoadTLSServerConfig (elastic#12355)" (elastic#12441)

This reverts commit 8589309.
leweafan pushed a commit to leweafan/beats that referenced this pull request Apr 28, 2023
@ph
Cherry-pick elastic#12355 to 7.2: Enforce presence of Certificate Aut…
8e3d18d 
…horities, Certificate file and Key when using LoadTLSServerConfig (elastic#12365)

* Enforce presence of Certificate Authorities, Certificate file and Key
when using LoadTLSServerConfig


(cherry picked from commit fdd0b75)
leweafan pushed a commit to leweafan/beats that referenced this pull request Apr 28, 2023
@ph
Revert "Cherry-pick elastic#12355 to 7.2: Enforce presence of Certifi…
48d9434 
…cate Authorities, Certificate file and Key when using LoadTLSServerConfig (elastic#12365)" (elastic#12420)

This reverts commit 8e3d18d.
leweafan pushed a commit to leweafan/beats that referenced this pull request Apr 28, 2023
@ph
Cherry-pick elastic#12355 to 7.1: Enforce presence of Certificate Aut…
6d567ae 
…horities, Certificate file and Key when using LoadTLSServerConfig (elastic#12364)

* Enforce presence of Certificate Authorities, Certificate file and Key
when using LoadTLSServerConfig


(cherry picked from commit fdd0b75)
leweafan pushed a commit to leweafan/beats that referenced this pull request Apr 28, 2023
@ph
Revert "Cherry-pick elastic#12355 to 7.1: Enforce presence of Certifi…
66a38ca 
…cate Authorities, Certificate file and Key when using LoadTLSServerConfig (elastic#12364)" (elastic#12398)

This reverts commit 6d567ae.
leweafan pushed a commit to leweafan/beats that referenced this pull request Apr 28, 2023
@ph
Cherry-pick elastic#12355 to 7.0: Enforce presence of Certificate Aut…
ef21ef4 
…horities, Certificate file and Key when using LoadTLSServerConfig (elastic#12363)

* Enforce presence of Certificate Authorities, Certificate file and Key
when using LoadTLSServerConfig


(cherry picked from commit fdd0b75)
leweafan pushed a commit to leweafan/beats that referenced this pull request Apr 28, 2023
@ph
Revert "Cherry-pick elastic#12355 to 7.0: Enforce presence of Certifi…
97ccdcc 
…cate Authorities, Certificate file and Key when using LoadTLSServerConfig (elastic#12363)" (elastic#12396)

This reverts commit ef21ef4.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andrewkroh andrewkroh andrewkroh approved these changes

@tsg tsg Awaiting requested review from tsg

Assignees
No one assigned
Labels
Filebeat Filebeat libbeat Metricbeat Metricbeat review v6.8.1 v7.0.2 v7.1.2 v7.2.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ph @andrewkroh