-
Notifications
You must be signed in to change notification settings - Fork 24.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create gradle task/utility to wait-for-status with custom SSL trust #38072
Labels
:Delivery/Build
Build or test infrastructure
:Security/TLS
SSL/TLS, Certificates
Team:Delivery
Meta label for Delivery team
Comments
Pinging @elastic/es-core-infra |
Pinging @elastic/es-security |
tvernum
added a commit
that referenced
this issue
Apr 1, 2019
By default, in integ tests we wait for the standalone cluster to start by using the ant Get task to retrieve the cluster health endpoint. However the ant task has no facilities for customising the trusted CAs for a https resource, so if the integ test cluster has TLS enabled on the http interface (using a custom CA) we need a separate utility for that purpose. Resolves: #38072
tvernum
added a commit
to tvernum/elasticsearch
that referenced
this issue
Apr 1, 2019
By default, in integ tests we wait for the standalone cluster to start by using the ant Get task to retrieve the cluster health endpoint. However the ant task has no facilities for customising the trusted CAs for a https resource, so if the integ test cluster has TLS enabled on the http interface (using a custom CA) we need a separate utility for that purpose. Resolves: elastic#38072 Backport of: elastic#40573
tvernum
added a commit
to tvernum/elasticsearch
that referenced
this issue
Apr 8, 2019
By default, in integ tests we wait for the standalone cluster to start by using the ant Get task to retrieve the cluster health endpoint. However the ant task has no facilities for customising the trusted CAs for a https resource, so if the integ test cluster has TLS enabled on the http interface (using a custom CA) we need a separate utility for that purpose. Resolves: elastic#38072 Backport of: elastic#40573
gurkankaymak
pushed a commit
to gurkankaymak/elasticsearch
that referenced
this issue
May 27, 2019
By default, in integ tests we wait for the standalone cluster to start by using the ant Get task to retrieve the cluster health endpoint. However the ant task has no facilities for customising the trusted CAs for a https resource, so if the integ test cluster has TLS enabled on the http interface (using a custom CA) we need a separate utility for that purpose. Resolves: elastic#38072
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
:Delivery/Build
Build or test infrastructure
:Security/TLS
SSL/TLS, Certificates
Team:Delivery
Meta label for Delivery team
In x-pack/qa/smoke-test-plugins-ssl and (once #37600 is merged) x-pack/qa/reindex-tests-with-security we need to call
on a node that uses TLS on the HTTP port, with a custom CA.
Normally we use
ant.get
to call the cluster health API, but that utility does not have any facilties for customising the trust manager for the URL.The builds that need this currently implement their own handling with
HttpsURLConnection
, but we should centralise this.The utility should support reading a CA from a PEM file (the JRE's
CertificateFactory
can do this) so that it is possible to run it on a FIPS enabled JVM.The text was updated successfully, but these errors were encountered: