Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Instructions to retrieve keystore pwd #84340

Merged
merged 3 commits into from
Feb 25, 2022

Conversation

jkakavas
Copy link
Member

In 8.0.0. we introduce TLS autoconfiguration. We store the key and
certificate materials in password protected PKCS#12 keystores and
we store these passwords in the elasticsearch keystore.
This commit adds instructions on how to get hold of the passwords
for users to inspect or alter the PKCS#12 keystores.

In 8.0.0. we introduce TLS autoconfiguration. We store the key and
certificate materials in password protected PKCS#12 keystores and
we store these passwords in the elasticsearch keystore.
This commit adds instructions on how to get hold of the passwords
for users to inspect or alter the PKCS#12 keystores.
@jkakavas jkakavas added >docs General docs changes :Security/Security Security issues without another label v8.2.0 v8.1.1 v8.0.2 labels Feb 24, 2022
@jkakavas jkakavas requested a review from jrodewig February 24, 2022 13:54
@elasticmachine elasticmachine added Team:Docs Meta label for docs team Team:Security Meta label for security team labels Feb 24, 2022
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security (Team:Security)

@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-docs (Team:Docs)

Copy link
Contributor

@jrodewig jrodewig left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. I left a suggestion that you can ignore if wanted. Thanks!

Comment on lines 25 to 35
Use the following command to retrieve the password for `transport.p12`:
[source,sh]
-------------------------
bin/elasticsearch-keystore show xpack.security.transport.ssl.keystore.secure_password
-------------------------

Use the following command to retrieve the password for `http.p12`:
[source,sh]
-------------------------
bin/elasticsearch-keystore show xpack.security.http.ssl.keystore.secure_password
-------------------------
Copy link
Contributor

@jrodewig jrodewig Feb 24, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we flip the order of these snippets so they match the order above?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On mobile but I’ll make the change later, makes sense!

@jkakavas jkakavas merged commit 8cebba5 into elastic:master Feb 25, 2022
jkakavas added a commit to jkakavas/elasticsearch that referenced this pull request Mar 14, 2022
In 8.0.0. we introduce TLS autoconfiguration. We store the key and
certificate materials in password protected PKCS#12 keystores and
we store these passwords in the elasticsearch keystore.
This commit adds instructions on how to get hold of the passwords
for users to inspect or alter the PKCS#12 keystores.

(cherry picked from commit 8cebba5)
jkakavas added a commit to jkakavas/elasticsearch that referenced this pull request Mar 14, 2022
In 8.0.0. we introduce TLS autoconfiguration. We store the key and
certificate materials in password protected PKCS#12 keystores and
we store these passwords in the elasticsearch keystore.
This commit adds instructions on how to get hold of the passwords
for users to inspect or alter the PKCS#12 keystores.

(cherry picked from commit 8cebba5)
@jkakavas
Copy link
Member Author

💚 All backports created successfully

Status Branch Result
8.1
8.0

Questions ?

Please refer to the Backport tool documentation

jkakavas added a commit to jkakavas/elasticsearch that referenced this pull request Mar 14, 2022
In elastic#84340 we adjusted the docs to show instructions on how to
retrieve TLS keystores passwords from the elasticsearch keystore
but the security-files-reference.asciidoc was not referenced in
all places where the instructions should be used. This commit
changes that and also removes references for beta versions.
jkakavas added a commit that referenced this pull request Mar 15, 2022
In #84340 we adjusted the docs to show instructions on how to
retrieve TLS keystores passwords from the elasticsearch keystore
but the security-files-reference.asciidoc was not referenced in
all places where the instructions should be used. This commit
changes that and also removes references for beta versions.
jkakavas added a commit that referenced this pull request Mar 15, 2022
In 8.0.0. we introduce TLS autoconfiguration. We store the key and
certificate materials in password protected PKCS#12 keystores and
we store these passwords in the elasticsearch keystore.
This commit adds instructions on how to get hold of the passwords
for users to inspect or alter the PKCS#12 keystores.

(cherry picked from commit 8cebba5)
jkakavas added a commit that referenced this pull request Mar 15, 2022
In 8.0.0. we introduce TLS autoconfiguration. We store the key and
certificate materials in password protected PKCS#12 keystores and
we store these passwords in the elasticsearch keystore.
This commit adds instructions on how to get hold of the passwords
for users to inspect or alter the PKCS#12 keystores.

(cherry picked from commit 8cebba5)
jkakavas added a commit to jkakavas/elasticsearch that referenced this pull request Mar 15, 2022
In elastic#84340 we adjusted the docs to show instructions on how to
retrieve TLS keystores passwords from the elasticsearch keystore
but the security-files-reference.asciidoc was not referenced in
all places where the instructions should be used. This commit
changes that and also removes references for beta versions.

(cherry picked from commit 7c33a77)
jkakavas added a commit to jkakavas/elasticsearch that referenced this pull request Mar 15, 2022
In elastic#84340 we adjusted the docs to show instructions on how to
retrieve TLS keystores passwords from the elasticsearch keystore
but the security-files-reference.asciidoc was not referenced in
all places where the instructions should be used. This commit
changes that and also removes references for beta versions.

(cherry picked from commit 7c33a77)
jkakavas added a commit that referenced this pull request Mar 15, 2022
In #84340 we adjusted the docs to show instructions on how to
retrieve TLS keystores passwords from the elasticsearch keystore
but the security-files-reference.asciidoc was not referenced in
all places where the instructions should be used. This commit
changes that and also removes references for beta versions.

(cherry picked from commit 7c33a77)
jkakavas added a commit that referenced this pull request Mar 15, 2022
In #84340 we adjusted the docs to show instructions on how to
retrieve TLS keystores passwords from the elasticsearch keystore
but the security-files-reference.asciidoc was not referenced in
all places where the instructions should be used. This commit
changes that and also removes references for beta versions.

(cherry picked from commit 7c33a77)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
>docs General docs changes :Security/Security Security issues without another label Team:Docs Meta label for docs team Team:Security Meta label for security team v8.0.2 v8.1.1 v8.2.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants