github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 17:28:26 -04:00
Code Issues Projects Releases Packages Wiki Activity

[DOCS] Deprecate SSL settings (#29990)

Browse source
This commit is contained in:
Lisa Cawley 2019-02-04 15:02:46 -08:00 committed by lcawl
parent 8318914f4e
commit 9873f05f6a
1 changed files with 17 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

17
docs/setup/settings.asciidoc
View file

@ -45,15 +45,28 @@ Elasticsearch. This value must be a positive integer.
`elasticsearch.sniffOnConectionFault:`:: *Default: false* Update the list of Elasticsearch nodes immediately following a connection fault.
`elasticsearch.ssl.cert:`:: Optional setting that provides the path to the
PEM-format SSL certificate. This file validates that your Elasticsearch backend
uses the same key files.
deprecated[5.3.0,Replaced by `elasticsearch.ssl.certificate`]
`elasticsearch.ssl.certificate:` and `elasticsearch.ssl.key:`:: Optional settings that provide the paths to the PEM-format SSL
certificate and key files. These files are used to verify the identity of Kibana to Elasticsearch and are required when
`xpack.ssl.verification_mode` in Elasticsearch is set to either `certificate` or `full`.
`elasticsearch.ssl.ca:`:: Optional setting that enables you to specify a path to
the PEM file for the certificate authority for your Elasticsearch instance.
deprecated[5.3.0,Replaced by `elasticsearch.ssl.certificateAuthorities`]
`elasticsearch.ssl.certificateAuthorities:`:: Optional setting that enables you to specify a list of paths to the PEM file for the certificate
authority for your Elasticsearch instance.
`elasticsearch.ssl.keyPassphrase:`:: The passphrase that will be used to decrypt the private key. This value is optional as the key may not be encrypted.
`elasticsearch.ssl.verify:`:: *Default: true* To disregard the validity of SSL
certificates, change this settings value to `false`.
deprecated[5.3.0,Replaced by `elasticsearch.ssl.verificationMode`]
`elasticsearch.ssl.verificationMode:`:: *Default: full* Controls the verification of certificates presented by Elasticsearch. Valid values are `none`, `certificate`, and `full`.
`full` performs hostname verification, and `certificate` does not.
@ -179,6 +192,10 @@ By turning this off, only the layers that are configured here will be included.
`server.ssl.enabled:`:: *Default: "false"* Enables SSL for outgoing requests from the Kibana server to the browser. When set to `true`, `server.ssl.certificate` and `server.ssl.key` are required
`server.ssl.cert:`:: Path to the PEM-format SSL certificate. This file enables
SSL for outgoing requests from the Kibana server to the browser.
deprecated[5.3.0,Replaced by `server.ssl.certificate`]
`server.ssl.certificate:` and `server.ssl.key:`:: Paths to the PEM-format SSL certificate and SSL key files, respectively.
`server.ssl.certificateAuthorities:`:: List of paths to PEM encoded certificate files that should be trusted.