Improve warning when using elasticsearch.ssl.certificate without elasticsearch.ssl.key and vice versa
#54537
Labels
Comments
jportner
added
chore
Team:Security
|
Pinging @elastic/kibana-security (Team:Security) |
legrego
changed the title
elasticsearch.ssl.certificate without elasticsearch.ssl.key and vice versaelasticsearch.ssl.certificate without elasticsearch.ssl.key and vice versa
|
We originally intended to throw an error starting in 8.0, but in the interests of making upgrades easier, we are opting not to make that change. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Starting in 8.0, we should prevent Kibana from starting if
elasticsearch.ssl.certificatewithoutelasticsearch.ssl.keyand vice versa. This configuration will not enable TLS client authentication to Elasticsearch, and is unsupported.Starting in 7.6, we're warning the user via deprecation logs (see #54392), so we are safe to enforce this in 8.0 after properly documenting it as a breaking change.
The text was updated successfully, but these errors were encountered: