Add API integration tests for Interactive Setup. (#111879)
This commit is contained in:
parent
ebb9e24b61
commit
025861c189
|
@ -498,6 +498,7 @@ module.exports = {
|
||||||
'x-pack/plugins/apm/**/*.js',
|
'x-pack/plugins/apm/**/*.js',
|
||||||
'test/*/config.ts',
|
'test/*/config.ts',
|
||||||
'test/*/config_open.ts',
|
'test/*/config_open.ts',
|
||||||
|
'test/*/*.config.ts',
|
||||||
'test/*/{tests,test_suites,apis,apps}/**/*',
|
'test/*/{tests,test_suites,apis,apps}/**/*',
|
||||||
'test/visual_regression/tests/**/*',
|
'test/visual_regression/tests/**/*',
|
||||||
'x-pack/test/*/{tests,test_suites,apis,apps}/**/*',
|
'x-pack/test/*/{tests,test_suites,apis,apps}/**/*',
|
||||||
|
@ -1596,6 +1597,7 @@ module.exports = {
|
||||||
{
|
{
|
||||||
files: [
|
files: [
|
||||||
'src/plugins/interactive_setup/**/*.{js,mjs,ts,tsx}',
|
'src/plugins/interactive_setup/**/*.{js,mjs,ts,tsx}',
|
||||||
|
'test/interactive_setup_api_integration/**/*.{js,mjs,ts,tsx}',
|
||||||
'x-pack/plugins/encrypted_saved_objects/**/*.{js,mjs,ts,tsx}',
|
'x-pack/plugins/encrypted_saved_objects/**/*.{js,mjs,ts,tsx}',
|
||||||
'x-pack/plugins/security/**/*.{js,mjs,ts,tsx}',
|
'x-pack/plugins/security/**/*.{js,mjs,ts,tsx}',
|
||||||
'x-pack/plugins/spaces/**/*.{js,mjs,ts,tsx}',
|
'x-pack/plugins/spaces/**/*.{js,mjs,ts,tsx}',
|
||||||
|
|
5
.github/CODEOWNERS
vendored
5
.github/CODEOWNERS
vendored
|
@ -244,7 +244,6 @@
|
||||||
/packages/kbn-std/ @elastic/kibana-core
|
/packages/kbn-std/ @elastic/kibana-core
|
||||||
/packages/kbn-config/ @elastic/kibana-core
|
/packages/kbn-config/ @elastic/kibana-core
|
||||||
/packages/kbn-logging/ @elastic/kibana-core
|
/packages/kbn-logging/ @elastic/kibana-core
|
||||||
/packages/kbn-crypto/ @elastic/kibana-core
|
|
||||||
/packages/kbn-http-tools/ @elastic/kibana-core
|
/packages/kbn-http-tools/ @elastic/kibana-core
|
||||||
/src/plugins/saved_objects_management/ @elastic/kibana-core
|
/src/plugins/saved_objects_management/ @elastic/kibana-core
|
||||||
/src/dev/run_check_published_api_changes.ts @elastic/kibana-core
|
/src/dev/run_check_published_api_changes.ts @elastic/kibana-core
|
||||||
|
@ -285,9 +284,11 @@
|
||||||
/packages/kbn-i18n/ @elastic/kibana-localization @elastic/kibana-core
|
/packages/kbn-i18n/ @elastic/kibana-localization @elastic/kibana-core
|
||||||
#CC# /x-pack/plugins/translations/ @elastic/kibana-localization @elastic/kibana-core
|
#CC# /x-pack/plugins/translations/ @elastic/kibana-localization @elastic/kibana-core
|
||||||
|
|
||||||
# Security
|
# Kibana Platform Security
|
||||||
|
/packages/kbn-crypto/ @elastic/kibana-security
|
||||||
/src/core/server/csp/ @elastic/kibana-security @elastic/kibana-core
|
/src/core/server/csp/ @elastic/kibana-security @elastic/kibana-core
|
||||||
/src/plugins/interactive_setup/ @elastic/kibana-security
|
/src/plugins/interactive_setup/ @elastic/kibana-security
|
||||||
|
/test/interactive_setup_api_integration/ @elastic/kibana-security
|
||||||
/x-pack/plugins/spaces/ @elastic/kibana-security
|
/x-pack/plugins/spaces/ @elastic/kibana-security
|
||||||
/x-pack/plugins/encrypted_saved_objects/ @elastic/kibana-security
|
/x-pack/plugins/encrypted_saved_objects/ @elastic/kibana-security
|
||||||
/x-pack/plugins/security/ @elastic/kibana-security
|
/x-pack/plugins/security/ @elastic/kibana-security
|
||||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -30,15 +30,17 @@ The password used for both of these is "storepass". Other copies are also provid
|
||||||
|
|
||||||
[Elasticsearch cert-util](https://www.elastic.co/guide/en/elasticsearch/reference/current/certutil.html) and [OpenSSL](https://www.openssl.org/) were used to generate these certificates. The following commands were used from the root directory of Elasticsearch:
|
[Elasticsearch cert-util](https://www.elastic.co/guide/en/elasticsearch/reference/current/certutil.html) and [OpenSSL](https://www.openssl.org/) were used to generate these certificates. The following commands were used from the root directory of Elasticsearch:
|
||||||
|
|
||||||
|
__IMPORTANT:__ CA keystore (ca.p12) is not checked in intentionally, talk to @elastic/kibana-security if you need it to sign new certificates.
|
||||||
|
|
||||||
```
|
```
|
||||||
# Generate the PKCS #12 keystore for a CA, valid for 50 years
|
# Generate the PKCS #12 keystore for a CA, valid for 50 years
|
||||||
bin/elasticsearch-certutil ca -days 18250 --pass castorepass
|
bin/elasticsearch-certutil ca --out ca.p12 -days 18250 --pass castorepass
|
||||||
|
|
||||||
# Generate the PKCS #12 keystore for Elasticsearch and sign it with the CA
|
# Generate the PKCS #12 keystore for Elasticsearch and sign it with the CA
|
||||||
bin/elasticsearch-certutil cert -days 18250 --ca elastic-stack-ca.p12 --ca-pass castorepass --name elasticsearch --dns localhost --pass storepass
|
bin/elasticsearch-certutil cert --out elasticsearch.p12 -days 18250 --ca ca.p12 --ca-pass castorepass --name elasticsearch --dns localhost --pass storepass
|
||||||
|
|
||||||
# Generate the PKCS #12 keystore for Kibana and sign it with the CA
|
# Generate the PKCS #12 keystore for Kibana and sign it with the CA
|
||||||
bin/elasticsearch-certutil cert -days 18250 --ca elastic-stack-ca.p12 --ca-pass castorepass --name kibana --dns localhost --pass storepass
|
bin/elasticsearch-certutil cert --out kibana.p12 -days 18250 --ca ca.p12 --ca-pass castorepass --name kibana --dns localhost --pass storepass
|
||||||
|
|
||||||
# Copy the PKCS #12 keystore for Elasticsearch with an empty password
|
# Copy the PKCS #12 keystore for Elasticsearch with an empty password
|
||||||
openssl pkcs12 -in elasticsearch.p12 -nodes -passin pass:"storepass" -passout pass:"" | openssl pkcs12 -export -out elasticsearch_emptypassword.p12 -passout pass:""
|
openssl pkcs12 -in elasticsearch.p12 -nodes -passin pass:"storepass" -passout pass:"" | openssl pkcs12 -export -out elasticsearch_emptypassword.p12 -passout pass:""
|
||||||
|
|
|
@ -1,29 +1,29 @@
|
||||||
Bag Attributes
|
Bag Attributes
|
||||||
friendlyName: elasticsearch
|
friendlyName: elasticsearch
|
||||||
localKeyID: 54 69 6D 65 20 31 35 37 37 34 36 36 31 39 38 30 33 37
|
localKeyID: 54 69 6D 65 20 31 36 33 34 31 32 30 31 35 32 31 39 33
|
||||||
Key Attributes: <No Attributes>
|
Key Attributes: <No Attributes>
|
||||||
Bag Attributes
|
Bag Attributes
|
||||||
friendlyName: ca
|
friendlyName: ca
|
||||||
2.16.840.1.113894.746875.1.1: <Unsupported tag 6>
|
2.16.840.1.113894.746875.1.1: <Unsupported tag 6>
|
||||||
subject=/CN=Elastic Certificate Tool Autogenerated CA
|
subject=CN = Elastic Certificate Tool Autogenerated CA
|
||||||
issuer=/CN=Elastic Certificate Tool Autogenerated CA
|
issuer=CN = Elastic Certificate Tool Autogenerated CA
|
||||||
-----BEGIN CERTIFICATE-----
|
-----BEGIN CERTIFICATE-----
|
||||||
MIIDSzCCAjOgAwIBAgIUW0brhEtYK3tUBYlXnUa+AMmAX6kwDQYJKoZIhvcNAQEL
|
MIIDTDCCAjSgAwIBAgIVAJUW7Ky1rVeyYxsS1dGcF3HZpknsMA0GCSqGSIb3DQEB
|
||||||
BQAwNDEyMDAGA1UEAxMpRWxhc3RpYyBDZXJ0aWZpY2F0ZSBUb29sIEF1dG9nZW5l
|
CwUAMDQxMjAwBgNVBAMTKUVsYXN0aWMgQ2VydGlmaWNhdGUgVG9vbCBBdXRvZ2Vu
|
||||||
cmF0ZWQgQ0EwIBcNMTkxMjI3MTcwMjMyWhgPMjA2OTEyMTQxNzAyMzJaMDQxMjAw
|
ZXJhdGVkIENBMCAXDTIxMTAxMzEwMTU0MVoYDzIwNzExMDAxMTAxNTQxWjA0MTIw
|
||||||
BgNVBAMTKUVsYXN0aWMgQ2VydGlmaWNhdGUgVG9vbCBBdXRvZ2VuZXJhdGVkIENB
|
MAYDVQQDEylFbGFzdGljIENlcnRpZmljYXRlIFRvb2wgQXV0b2dlbmVyYXRlZCBD
|
||||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplO5m5Xy8xERyA0/G5SM
|
QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALSQK7Q/wBblLXhD8WZc
|
||||||
Nu2QXkfS+m7ZTFjSmtwqX7BI1I6ISI4Yw8QxzcIgSbEGlSqb7baeT+A/1JQj0gZN
|
HO0mwEOILBVRCY2wcSLaibfzxvX/EhX7mAbozrCgj0hOTFZldzoSHURZmLUntONF
|
||||||
KOnKbazl+ujVRJpsfpt5iUsnQyVPheGekcHkB+9WkZPgZ1oGRENr/4Eb1VImQf+Y
|
vUxWyR3ulAXuCfpvxoh7+WJWWvk0m8iI5GzwYjCYoRDRgLrzPlNSRd6CuW4z5vXC
|
||||||
yo/FUj8X939tYW0fficAqYKv8/4NWpBUbeop8wsBtkz738QKlmPkMwC4FbuF2/bN
|
sT7MjE69iAEmXR6bdV6GvQ3kBVUJVCz23QbXLCl4gzWAWsfXuNx1+ZjJXeM/eEkH
|
||||||
vNuzQuRbGMVmPeyivZJRfDAMKExoXjCCLmbShdg4dUHsUjVeWQZ6s4vbims+8qF9
|
dQbmBoG6jKJtnSlXjG/s2aSi/Jv/GoHJJT7YQXSvWFpklu3Dk9c+FacQoz95HZD1
|
||||||
b4bseayScQNNU3hc5mkfhEhSM0KB0lDpSvoCxuXvXzb6bOk7xIdYo+O4vHUhvSkQ
|
qbaruKq1SjIG6Leht3DNpNT7n5q1EQeZ5uhhWMAI81vRgAZYZxwGJQF19Qgz13D6
|
||||||
mwIDAQABo1MwUTAdBgNVHQ4EFgQUGu0mDnvDRnBdNBG8DxwPdWArB0kwHwYDVR0j
|
de8CAwEAAaNTMFEwHQYDVR0OBBYEFDBMKsCOW9DGKTccGhyfU8NS6d6eMB8GA1Ud
|
||||||
BBgwFoAUGu0mDnvDRnBdNBG8DxwPdWArB0kwDwYDVR0TAQH/BAUwAwEB/zANBgkq
|
IwQYMBaAFDBMKsCOW9DGKTccGhyfU8NS6d6eMA8GA1UdEwEB/wQFMAMBAf8wDQYJ
|
||||||
hkiG9w0BAQsFAAOCAQEASv/FYOwWGnQreH8ulcVupGeZj25dIjZiuKfJmslH8QN/
|
KoZIhvcNAQELBQADggEBABf0ZznDu2m9IVn7ThLPb5UJU/rZiTkRyP6cqPFFtSww
|
||||||
pVCIzAxNZjGjCpKxbJoCu5U9USaBylbhigeBJEq4wmYTs/WPu4uYMgDj0MILuHin
|
TiZ0+AS5phGFV8f/znC/scU2u57EAl8DWSalJZTXJMekboFpfXJME/BK66I6wdSi
|
||||||
RQqgEVG0uADGEgH2nnk8DeY8gQvGpJRQGlXNK8pb+pCsy6F8k/svGOeBND9osHfU
|
TfL99HjYR6LYyjvkXhoIBhR1eCw1zwm8IGzRV++/zY5ksYb5GQ9smFr3TNgqgdsv
|
||||||
CVEo5nXjfq6JCFt6hPx7kl4h3/j3C4wNy/Dv/QINdpPsl6CnF17Q9R9d60WFv42/
|
GnPJgytVc/sYXuc1l7MS8j1Q+JLhpIymDKCJ2CB+x2p2oMYqJmFstc8I0z6vZtiM
|
||||||
pkl7W1hszCG9foNJOJabuWfVoPkvKQjoCvPitZt/hCaFZAW49PmAVhK+DAohQ91l
|
zeyy07qK71uOfD5F1HHw/rv738yrlq7NwAH9fc3/0fPueyjTHSQtKiSBfc0phEMz
|
||||||
TZhDmYqHoXNiRDQiUT68OS7RlfKgNpr/vMTZXDxpmw==
|
TV7Px45EUVFhn9YgIHGBSKPkA5QCC3bPNb6iYGREDcU=
|
||||||
-----END CERTIFICATE-----
|
-----END CERTIFICATE-----
|
||||||
|
|
|
@ -1,29 +1,29 @@
|
||||||
Bag Attributes
|
Bag Attributes
|
||||||
friendlyName: elasticsearch
|
friendlyName: elasticsearch
|
||||||
localKeyID: 54 69 6D 65 20 31 35 37 37 34 36 36 31 39 38 30 33 37
|
localKeyID: 54 69 6D 65 20 31 36 33 34 31 32 30 31 35 32 31 39 33
|
||||||
Key Attributes: <No Attributes>
|
Key Attributes: <No Attributes>
|
||||||
Bag Attributes
|
Bag Attributes
|
||||||
friendlyName: elasticsearch
|
friendlyName: elasticsearch
|
||||||
localKeyID: 54 69 6D 65 20 31 35 37 37 34 36 36 31 39 38 30 33 37
|
localKeyID: 54 69 6D 65 20 31 36 33 34 31 32 30 31 35 32 31 39 33
|
||||||
subject=/CN=elasticsearch
|
subject=CN = elasticsearch
|
||||||
issuer=/CN=Elastic Certificate Tool Autogenerated CA
|
issuer=CN = Elastic Certificate Tool Autogenerated CA
|
||||||
-----BEGIN CERTIFICATE-----
|
-----BEGIN CERTIFICATE-----
|
||||||
MIIDQDCCAiigAwIBAgIVAI93OQE6tZffPyzenSg3ljE3JJBzMA0GCSqGSIb3DQEB
|
MIIDPzCCAiegAwIBAgIUCTO1pAvYtfaJndsQwa9cS/AtoSowDQYJKoZIhvcNAQEL
|
||||||
CwUAMDQxMjAwBgNVBAMTKUVsYXN0aWMgQ2VydGlmaWNhdGUgVG9vbCBBdXRvZ2Vu
|
BQAwNDEyMDAGA1UEAxMpRWxhc3RpYyBDZXJ0aWZpY2F0ZSBUb29sIEF1dG9nZW5l
|
||||||
ZXJhdGVkIENBMCAXDTE5MTIyNzE3MDMxN1oYDzIwNjkxMjE0MTcwMzE3WjAYMRYw
|
cmF0ZWQgQ0EwIBcNMjExMDEzMTAxNTUyWhgPMjA3MTEwMDExMDE1NTJaMBgxFjAU
|
||||||
FAYDVQQDEw1lbGFzdGljc2VhcmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
|
BgNVBAMTDWVsYXN0aWNzZWFyY2gwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
|
||||||
CgKCAQEA2EkPfvE3ZNMjHCAQZhpImoXBCIN6KavvJSbVHRtLzAXB4wxige+vFQWb
|
AoIBAQCJK4KLS0kSIM+eqdMq4nO1p7nQ7ADUXIYjeRKaCycSJ7sj//1FRdj2NhLb
|
||||||
4umqPeEeVH7FvrsRqn24tUgGIkag9p9AOwYxfcT3vwNqcK/EztIlYFs72pmYg7Ez
|
gdSX2VGIUZyOw4ptw6bGo0A7KyFE4yJZdG9m+VC1PFck3WaIdQHFdxgMia9deIHx
|
||||||
s6+qLc/YSLOT3aMoHKDHE93z1jYIDGccyjGbv9NsdgCbLHD0TQuqm+7pKy1MZoJm
|
sU1ETnC4PstdkrsZZpf5+twS6O9TaIQolG6nEShst075v2b3y0NDHcxKW+BtSw27
|
||||||
0qn4KYw4kXakVNWlxm5GIwr8uqU/w4phrikcOOWqRzsxByoQajypLOA4eD/uWnI2
|
HEHlchhP/Uj4haVMABQahfP8gv5vlHqStuOOWeoSgwF5FngCekx+ZeoIf5wVWfE1
|
||||||
zGyPQy7Bkxojiy1ss0CVlrl8fJgcjC4PONpm1ibUSX3SoZ8PopPThR6gvvwoQolR
|
SzDlU7L/JdYOrAp+kN+2g+b4qcr+WvFNCEwbhjJjd9/VIJ5z9kIjJhG9z1NilPhR
|
||||||
rYu4+D+rsX7q/ldA6vBOiHBD8r4QoQIDAQABo2MwYTAdBgNVHQ4EFgQUSlIMCYYd
|
RVPG4njS6PxTufejbWN/360HfZbZAgMBAAGjYzBhMB0GA1UdDgQWBBR0kfoZtlNi
|
||||||
e72A0rUqaCkjVPkGPIwwHwYDVR0jBBgwFoAUGu0mDnvDRnBdNBG8DxwPdWArB0kw
|
ZKxVBPhhpipoXdTQMjAfBgNVHSMEGDAWgBQwTCrAjlvQxik3HBocn1PDUunenjAU
|
||||||
FAYDVR0RBA0wC4IJbG9jYWxob3N0MAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQAD
|
BgNVHREEDTALgglsb2NhbGhvc3QwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOC
|
||||||
ggEBAImbzBVAEjiLRsNDLP7QAl0k7lVmfQRFz5G95ZTAUSUgbqqymDvry47yInFF
|
AQEAkNcEM6mBzCdECFtuor3lfxrXzmrIo3wUspbv6Rrm4+n6TwJIYp6ydf4OcruR
|
||||||
3o12TuI1GxK5zHzi+qzpJLyrnGwGK5JBR+VGxIBBKFVcFh1WNGKV6kSO/zBzO7PO
|
Uv5feevaYXwDRHBkIEGvhU5po6sGp6k7ppXS5bgrEtAhJSK8SOsLINnbJLnptmZQ
|
||||||
4Jw4G7By/ImWvS0RBhBUQ9XbQZN3WcVkVVV8UQw5Y7JoKtM+fzyEKXKRCTsvgH+h
|
Jharcks5STEqfJFB2QBZvFSLLpvO9g/N8sMro6ZvaUXhfW9DNpd6GIUXQiMhKLex
|
||||||
3+fUBgqwal2Mz4KPH57Jrtk209dtn7tnQxHTNLo0niHyEcfrpuG3YFqTwekr+5FF
|
t80Sb4zuahTRqUSi2j5Hoq8ouc7U9T/RmA3zXNmzq7YvL/gv2it67qdyKvpzoX7t
|
||||||
FniIcYHPGjag1WzLIdyhe88FFpuav19mlCaxBACc7t97v+euSVUWnsKpy4dLydpv
|
HJaT1HU0o5Xi/Ol33C/wvfRe05UrHEUil148n/XWz3EJky7El2LYbg36/++mVTHX
|
||||||
NxJiI9eWbJZ7f5VM7o64pm7U1cU=
|
xUXS+FdZ1rBlGnGwOHTPHj5FMQ==
|
||||||
-----END CERTIFICATE-----
|
-----END CERTIFICATE-----
|
||||||
|
|
|
@ -1,27 +1,27 @@
|
||||||
-----BEGIN RSA PRIVATE KEY-----
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
MIIEogIBAAKCAQEA2EkPfvE3ZNMjHCAQZhpImoXBCIN6KavvJSbVHRtLzAXB4wxi
|
MIIEowIBAAKCAQEAiSuCi0tJEiDPnqnTKuJztae50OwA1FyGI3kSmgsnEie7I//9
|
||||||
ge+vFQWb4umqPeEeVH7FvrsRqn24tUgGIkag9p9AOwYxfcT3vwNqcK/EztIlYFs7
|
RUXY9jYS24HUl9lRiFGcjsOKbcOmxqNAOyshROMiWXRvZvlQtTxXJN1miHUBxXcY
|
||||||
2pmYg7Ezs6+qLc/YSLOT3aMoHKDHE93z1jYIDGccyjGbv9NsdgCbLHD0TQuqm+7p
|
DImvXXiB8bFNRE5wuD7LXZK7GWaX+frcEujvU2iEKJRupxEobLdO+b9m98tDQx3M
|
||||||
Ky1MZoJm0qn4KYw4kXakVNWlxm5GIwr8uqU/w4phrikcOOWqRzsxByoQajypLOA4
|
SlvgbUsNuxxB5XIYT/1I+IWlTAAUGoXz/IL+b5R6krbjjlnqEoMBeRZ4AnpMfmXq
|
||||||
eD/uWnI2zGyPQy7Bkxojiy1ss0CVlrl8fJgcjC4PONpm1ibUSX3SoZ8PopPThR6g
|
CH+cFVnxNUsw5VOy/yXWDqwKfpDftoPm+KnK/lrxTQhMG4YyY3ff1SCec/ZCIyYR
|
||||||
vvwoQolRrYu4+D+rsX7q/ldA6vBOiHBD8r4QoQIDAQABAoIBAB+s44YV0aUEfvnZ
|
vc9TYpT4UUVTxuJ40uj8U7n3o21jf9+tB32W2QIDAQABAoIBAAdC/+q65hfpF8S5
|
||||||
gE1TwBpRSGn0x2le8tEgFMoEe19P4Itd/vdEoQGVJrVevz38wDJjtpYuU3ICo5B5
|
Dd5X1bNYuUwXqmWTrmBDYRo5m+xooQ4jV7eqnnVOYIoxYd1WGmxikay3KmVsNbCP
|
||||||
EdznNx+nRwLd71WaCSaCW45RT6Nyh2LLOcLUB9ARnZ7NNUEsVWKgWiF1iaRXr5Ar
|
ZO+c9WptsdxVfy5O5ZhqpNxlQi/YLetTxjins1p57jsq3UHP+0StwltmULRkC4im
|
||||||
S1Ct7RPT7hV2mnbHgfTuNcuWZ1D5BUcqNczNoHsV6guFChiwTr7ZObnKj4qJLwdu
|
4K65mS3ruw9g6Ei87kxvGeW73coha0syjORYGcFUynX/DfLi5svUjtSyVUQ1KCiU
|
||||||
ioYYWno4ZLgsk4SfW6DXUCvfKROfYdDd2rGu0NQ4QxT3Q98AsXlrlUITBQbpQEgy
|
KYc0q+SzsgXd71Ngr/HZR4ncCoACW3q/pLp0AUvDY0wZMkACOav2m9D2AnRPbPrA
|
||||||
5GSTEh/4sRYj4NQZqncDpPgXm22kYdU7voBjt/zu66oq1W6kKQ4JwPmyc2SI0haa
|
+/n7LlrD0+LDScZx5nwO3ToFZuTDUXt3G0UWRaQfqiAZxNs2oeOc2gKegEJnPKIo
|
||||||
/pyCMtkCgYEA/y3vs59RvrM6xpT77lf7WigSBbIBQxeKs9RGNoN0Nn/eR0MlQAUG
|
/BLN/D8CgYEAvMmtcZyrw8vifpP32erSBx2+wftt2JA9GdtZlOxu/kbWH7DAZ75g
|
||||||
SmCkkEOcUGuVMnoo5Kc73IP/Q1+O4UGg7f1Gs8KeFPFQMm/wcSL7obvRWray1Bw6
|
YUT0nkcIRrvAS5FCVpOIENZit0RIvA5gM08Brko2mBIRQAbMWmu+c7RUBIa2xVDF
|
||||||
ohITJPqZYZrw3hmkOMxkLpvUydivN1Unm7BezjOa+T/+OaV3PyAYufsCgYEA2Psb
|
kjputhlWTT7xY03VbJThqUG4oK+zJJSb/RfRM4x2dRYskb7MEwqZFzcCgYEAugFT
|
||||||
S8OQhFiVbOKlMYOebvG+AnhAzJiSVus9R9NcViv20E61PRj2rfA398pYpZ8nxaQp
|
t/0Lj+OXR+2pcjPk5VmxjCv4xohNOaX4YZ4/rK4H+gi9iyx232zE/1Dtz5SB4+uw
|
||||||
cWGy+POZbkxRCprZ1GHkwWjaQysgeOCbJv8nQ2oh5C0ZCaGw6lfmi2mN097+Prmx
|
6hx7Aw3r5U9h1fauT60rSrydChEpFqcfpNQca7HncbF2DDdtEX+ZBkBDZ/U3LJ6Y
|
||||||
QE8j8OKj3wVI6bniCF7vzwfG3c5cU73elLTAWRMCgYBoA/eDRlvx2ekJbU1MGDzy
|
pI4o0vCLmiqZYbQ/+4v2f2/5ZqrzyMKLJ3zeqm8CgYAfCHP3ag6eJ+S6c+5ZJw2R
|
||||||
wQann6l4Ca6WIt8D9Y13caPPdIVIlUO9KauqyoR7G39TdgwZODnkZ0Gz2s3I8BGD
|
V+Vkk8URxVwV5QXLwjXYnKJUIUTviM7lDmW7oueMYQ6SHXWvL589TVB62cGvEBnm
|
||||||
MQyS1a/OZZcFGC/wTgw4HvD1gydd4qvbyHZZSnUfHiM0xUr1hAsKHKceJ980NNfS
|
NUWMdeyVgNrPEI8FChMLiAgLmm1u8AEaMXrDelTCa+dYMJI1wB98KC6GU3t6NueR
|
||||||
VJAwiUSQeQ9NvC7hYlnx5QKBgDxESsmZcRuBa0eKEC4Xi7rvBEK1WfI58nOX9TZs
|
ahnchGlwg82dw6ReOO7DbwKBgGe5Sbg2EfaBUeE4dN9MdP44kDu8YZREedwF44Z8
|
||||||
+3mnzm7/XZGxzFp1nWYC2uptsWNQ/H3UkBxbtOMQ6XWTmytFYX9i+zSq1uMcJ5wG
|
OsHOooAZ06kCeJ+LBifiN1skU3KIAjXq/+XqI3vSUpqAXx/rT1Lz7xaoDyOkuo6u
|
||||||
RMaRxQYWjJzDP1tnvM4+LDmL93w+oX/mO2pd2PxKAH2CtshybhNH6rGS7swHsboG
|
AdNEd+38qfmSBu5VGz5TI8ObCNOG9VP+OmG25gJocvP7EhryJ9lU1d0cw6lWY0b3
|
||||||
FmLnAoGAYTnTcWD1qiwjbJR5ZdukAjIq39cGcf0YOVJCiaFS+5vTirbw04ARvNyM
|
6StdAoGBAKUkfbN7qbB+jiZt/6ArYWQE4PL4pqi+B+84xSrp46e41mmocezKhnsp
|
||||||
rxU8EpVN1sKC411pgNvlm6KZJHwihRRQoY+UI2fn78bHBH991QhlrTPO6TBZx7Aw
|
DxdcuZyg9OXs1xi6AaJtCbelho9bT8jC51GZSFvf887fvGVq7j1TgxWp4mvlqiX7
|
||||||
+hzyxqAiSBX65dQo0e4C15wZysQO/bdT5Def0+UTDR8j8ZgMAQg=
|
tztiggaPXwRZQiThxdJaCIadw26hxdLNOcdGOl/u2m0rudvwybab
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
||||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -1,29 +1,29 @@
|
||||||
Bag Attributes
|
Bag Attributes
|
||||||
friendlyName: kibana
|
friendlyName: kibana
|
||||||
localKeyID: 54 69 6D 65 20 31 35 37 37 34 36 36 32 32 33 30 33 39
|
localKeyID: 54 69 6D 65 20 31 36 33 34 31 32 30 31 35 38 38 30 33
|
||||||
Key Attributes: <No Attributes>
|
Key Attributes: <No Attributes>
|
||||||
Bag Attributes
|
Bag Attributes
|
||||||
friendlyName: kibana
|
friendlyName: kibana
|
||||||
localKeyID: 54 69 6D 65 20 31 35 37 37 34 36 36 32 32 33 30 33 39
|
localKeyID: 54 69 6D 65 20 31 36 33 34 31 32 30 31 35 38 38 30 33
|
||||||
subject=/CN=kibana
|
subject=CN = kibana
|
||||||
issuer=/CN=Elastic Certificate Tool Autogenerated CA
|
issuer=CN = Elastic Certificate Tool Autogenerated CA
|
||||||
-----BEGIN CERTIFICATE-----
|
-----BEGIN CERTIFICATE-----
|
||||||
MIIDOTCCAiGgAwIBAgIVANNWkg9lzNiLqNkMFhFKHcXyaZmqMA0GCSqGSIb3DQEB
|
MIIDOTCCAiGgAwIBAgIVAN0GVNLw3IaUBuG7t6CeW8w2wyymMA0GCSqGSIb3DQEB
|
||||||
CwUAMDQxMjAwBgNVBAMTKUVsYXN0aWMgQ2VydGlmaWNhdGUgVG9vbCBBdXRvZ2Vu
|
CwUAMDQxMjAwBgNVBAMTKUVsYXN0aWMgQ2VydGlmaWNhdGUgVG9vbCBBdXRvZ2Vu
|
||||||
ZXJhdGVkIENBMCAXDTE5MTIyNzE3MDM0MloYDzIwNjkxMjE0MTcwMzQyWjARMQ8w
|
ZXJhdGVkIENBMCAXDTIxMTAxMzEwMTU1OFoYDzIwNzExMDAxMTAxNTU4WjARMQ8w
|
||||||
DQYDVQQDEwZraWJhbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQ
|
DQYDVQQDEwZraWJhbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3
|
||||||
wYYbQtbRBKJ4uNZc2+IgRU+7NNL21ZebQlEIMgK7jAqOMrsW2b5DATz41Fd+GQFU
|
nvfL3/26D8EkLso+t9S0m+tSJipLsBWs0dCpc8KRJ/+ijDRnAQ5lOmOAcxt43SNY
|
||||||
FUYYjwo+PQj6sJHshOJo/gNb32HrydvMI7YPvevkszkuEGCfXxQ3Dw2RTACLgD0Q
|
KFr0EntQEZyYaRwMIM8aPR0WYW/VV5o4fq2o/JnmHqzZJRJCwZq+5WiCiDPt012N
|
||||||
OCkwHvn3TMf0loloV/ePGWaZDYZaXi3a5DdWi/HFFoJysgF0JV2f6XyKhJkGaEfJ
|
mRGYCMUxjlEwejue6diLAeQhZ/sfN4jUp217bMEHrhHrNBWTwwJ+Uk5TBQMhviCW
|
||||||
s9pWX269zH/XQvGNx4BEimJpYB8h4JnDYPFIiQdqj+sl2b+kS1hH9kL5gBAMXjFU
|
LKbsKrfluA6DGHWrXN4pH7Xmaf/Zyc9AYL/nxwv3VQHZzIAK/U/WNCgFJJ3qoFYY
|
||||||
vcNnX+PmyTjyJrGo75k0ku+spBf1bMwuQt3uSmM+TQIXkvFDmS0DOVESrpA5EC1T
|
6TUwDDNa30mSj165OOds9N+VmUlDC3IFiHV3osBWscSU4HJd6QJ8huHrFLLV4y4i
|
||||||
BUGRz6o/I88Xx4Mud771AgMBAAGjYzBhMB0GA1UdDgQWBBQLB1Eo23M3Ss8MsFaz
|
u62el47Qr+/8Ut3SzeIXAgMBAAGjYzBhMB0GA1UdDgQWBBQli5f2bYL9jKUA5Uxp
|
||||||
V+Twcb3PmDAfBgNVHSMEGDAWgBQa7SYOe8NGcF00EbwPHA91YCsHSTAUBgNVHREE
|
yRRHeCoPJzAfBgNVHSMEGDAWgBQwTCrAjlvQxik3HBocn1PDUunenjAUBgNVHREE
|
||||||
DTALgglsb2NhbGhvc3QwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAnEl/
|
DTALgglsb2NhbGhvc3QwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEATFNj
|
||||||
z5IElIjvkK4AgMPrNcRlvIGDt2orEik7b6Jsq6/RiJQ7cSsYTZf7xbqyxNsUOTxv
|
WkTBPfgflGYZD4OsYvfT/rVjFKbJP/u1a0rkzNamA2QKNzI9JTOzONPTyRhe9yVS
|
||||||
+frj47MEN448H2nRvUxH29YR3XygV5aEwADSAhwaQWn0QfWTCZbJTmSoNEDtDOzX
|
zeO8X2rtN63l38dtgMjFQ15Xxnp7GFT7GkXfa1JR+tGSGTgVld8nLUzig+mNmBoR
|
||||||
TGDlAoCD9s9Xz9S1JpxY4H+WWRZrBSDM6SC1c6CzuEeZRuScNAjYD5mh2v6fOlSy
|
nE4cNc0JJ1PsXPzfPgJ6WMp2WOoNUrQf2cm42i36Jk+7KGcosfyFMPQILZE34Geo
|
||||||
b8xJWSg0AFlJPCa3ZsA2SKbNqI0uNfJTnkXRm88Z2NHcgtlADbOLKauWfCrpgsCk
|
DAgCVpNWPgST4HYBUCHMC7S14LHLVdUXPsfGZPEqU5Zf9Hvy61rQC/RdNjnMI6JD
|
||||||
cZgo6yAYkOM148h/8wGla1eX+iE1R72NUABGydu8MSQKvc0emWJkGsC1/KqPlf/O
|
s57l9oHASNeEg55NQm01aOmwq/z1DXs3UP2nRmp6XCCfE61ghofO5dtV1j3cZ3f5
|
||||||
eOUsdwn1yDKHRxDHyA==
|
dzkzSBV7H6+/MD3Y8Q==
|
||||||
-----END CERTIFICATE-----
|
-----END CERTIFICATE-----
|
||||||
|
|
|
@ -1,27 +1,27 @@
|
||||||
-----BEGIN RSA PRIVATE KEY-----
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
MIIEowIBAAKCAQEAkMGGG0LW0QSieLjWXNviIEVPuzTS9tWXm0JRCDICu4wKjjK7
|
MIIEpQIBAAKCAQEAt573y9/9ug/BJC7KPrfUtJvrUiYqS7AVrNHQqXPCkSf/oow0
|
||||||
Ftm+QwE8+NRXfhkBVBVGGI8KPj0I+rCR7ITiaP4DW99h68nbzCO2D73r5LM5LhBg
|
ZwEOZTpjgHMbeN0jWCha9BJ7UBGcmGkcDCDPGj0dFmFv1VeaOH6tqPyZ5h6s2SUS
|
||||||
n18UNw8NkUwAi4A9EDgpMB7590zH9JaJaFf3jxlmmQ2GWl4t2uQ3VovxxRaCcrIB
|
QsGavuVogogz7dNdjZkRmAjFMY5RMHo7nunYiwHkIWf7HzeI1Kdte2zBB64R6zQV
|
||||||
dCVdn+l8ioSZBmhHybPaVl9uvcx/10LxjceARIpiaWAfIeCZw2DxSIkHao/rJdm/
|
k8MCflJOUwUDIb4gliym7Cq35bgOgxh1q1zeKR+15mn/2cnPQGC/58cL91UB2cyA
|
||||||
pEtYR/ZC+YAQDF4xVL3DZ1/j5sk48iaxqO+ZNJLvrKQX9WzMLkLd7kpjPk0CF5Lx
|
Cv1P1jQoBSSd6qBWGOk1MAwzWt9Jko9euTjnbPTflZlJQwtyBYh1d6LAVrHElOBy
|
||||||
Q5ktAzlREq6QORAtUwVBkc+qPyPPF8eDLne+9QIDAQABAoIBAHl9suxWYKz00te3
|
XekCfIbh6xSy1eMuIrutnpeO0K/v/FLd0s3iFwIDAQABAoIBAAKgqzzHI/Xdfi7l
|
||||||
alJtSZAEHDLm1tjL034/XnseXiTCGGnYMiWvgnwCIgZFUVlH61GCuV4LT3GFEHA2
|
iS5e6hPQPAytECOMza/vQV7+EZWLLtIlfdB63Y5e8107XclxJ1gpHQLAyvPz3zui
|
||||||
mYKE1PGBn5gQF8MpnAvtPPRhVgaQVUFQBYg86F59h8mWnC545sciG4+DsA/apUem
|
cWzOVrhc5zAn98uOmTM1bjMXXkptO52l3/4wOrsq7upt8YmgjIZXX5Q/N+HZfq7v
|
||||||
wJSOn/u+Odni/AwEV0ALolZFBhl+0rccSr+6paJnzJ7QNiIn6EWbgb0n9WXqkhap
|
aNqsJQBO6B6pmBiJGROrS6/y9/Yt+3jDolgtI6fifYZcMXACoal++BAXbiHYPoff
|
||||||
TqoPclBHm0ObeBI6lNyfvBZ8HB3hyjWZInNCaAs9DnkNPh4evuttUn/KlOPOVn9r
|
+nG5lHrAdQoEfNACNnGFlq2O85EWmr3qxUsZV8TblOirAuaUFk5KhhDvTOfTknHY
|
||||||
xz2UYsmVW6E+yPXUpSYkFQN9aaPF6alOz8PIfF8Wit7pmZMmInluGcwi/us9+ZTN
|
pW8Z4ttD26+QITyUbI56flgLOfe57y0u4XsOPtWQWEteIBxBFsB9MMj4B8XYdiO/
|
||||||
8gNvpoECgYEA0KC7XEoXRsBTN4kPznkGftvj1dtgB35W/HxXNouArQQjCbLhqcsA
|
hma1jSUCgYEA14H/6vtzM42INgphoj0lHFVL8N0DnuUquR77vQStTO2sDvMQrVTk
|
||||||
jqaK0f+stYzSWZXGsKl9yQU9KA7u/wCHmLep70l7WsYYUKdkhWouK0HU5MeeLwB0
|
BKpy5iYmokHPjY7qV7C37/tQVKdQpUz9Lr0ylwinHwX1KasJkYEJGv++Z59sKH+C
|
||||||
N4ekQOQuQGqelqMo7IG2hQhTYD9PB4F3G0Sz1FgdObfuGPKfvNFVjckCgYEAsaAA
|
CZX9lZjfTqPpuEonGgPruc8LOXaaM/+g3Nvs7M4S339gnjCZExNzpLsCgYEA2h8z
|
||||||
IY/TpRBWeWZfyXrnkp3atOPzkdpjb6cfT8Kib9bIECXr7ULUxA5QANX05ofodhsW
|
OhHJpOWOy004HHVjpkWHKTxgZ9xfMLCKjMi1m5sCJ2PCdkd4+wTtkY+u7+iFF1cp
|
||||||
3+7iW5wicyZ1VNVEsPRL0aw7YUbNpBvob8faBUZ2KEdKQr42IfVOo7TQnvVXtumR
|
5CVSvZC6fS0rk11ygXix1ZP7cDJj1y4mxvbzWOtPxvZc882Xv0RDXAQBLXgHW6YE
|
||||||
UE+dNvWUL2PbL0wMxD1XbMSmOze/wF8X2CeyDc0CgYBQnLqol2xVBz1gaRJ1emgb
|
RqvdMczfAx0mbUNke4Umwa5PngSWQAqCYkXNkFUCgYEAhEAY5wEsLyTZxCAWzlMr
|
||||||
HoXzfVemrZeY6cadKdwnfkC3n6n4fJsTg6CCMiOe5vHkca4bVvJmeSK/Vr3cRG0g
|
pPmLQuK+yBHmZ/hlkBeAqkboYbw0Lcp8q4hWPnqHFufAEST1Fp8yIaleILUUvnxC
|
||||||
gl8kOaVzVrXQfE2oC3YZes9zMvqZOLivODcsZ77DXy82D4dhk2FeF/B3cR7tTIYk
|
mx4sH5eFx3oGe22kz5AaIGF1XW3uF+Q3zt4m4lkQINhiI2AOIt7pF/vA7aCk/OgQ
|
||||||
QDCoLP/l7H8QnrdAMza2mQKBgDODwuX475ncviehUEB/26+DBo4V2ms/mj0kjAk2
|
tbiY6rGDz3gBuNIl/hjfzOUCgYEAy1rDO6RRxnZuhoPbiEy5Ns8jkAJGLw55gL9W
|
||||||
2qNy+DzuspjyHADsYbmMU+WUHxA51Q2HG7ET/E3HJpo+7BgiEecye1pADZ391hCt
|
rKKDDiuZ+nc7WWKRHBYgFtFKW0kArB4LZDSXyzwfYYy3T5CTrLmFsoVgqd2Qz5Cr
|
||||||
Nob3I4eU/W2T+uEoYvFJnIOthg3veYyAOolY+ewwmr4B4WX8oGFUOx3Lklo5ehHf
|
flvFzGS139zYFETc8OkHk8X4AxggZAWHfwvEESXb1N9ccAmgqLgexftpJv1HxzUF
|
||||||
mV01AoGBAI/c6OoHdcqQsZxKlxDNLyB2bTbowAcccoZIOjkC5fkkbsmMDLfScBfW
|
EfHaEHECgYEArtWvtUdvRQ20r/X/g+mNyUhbYOy15pAgswLK4gIi8rmQPxR08spl
|
||||||
Q4YYJsmJBdrWNvo7jCl17Mcc4Is3RlmHDrItRkaZj+ehqAN3ejrnPLdgYeW/5XDK
|
uJJ/cl4fGxG95dl/OV+lNdwl4UcvjATdreEMKvG4X4Cxd+42SUf40M6pGxXoyYz+
|
||||||
e7yBj7oJd4oKZc59jVytdHvo5R8K0QohAv9gQEZ/tdypX+xWe+5E
|
i4WujBaEqBBqjKmYNJVgY7EvqF+VYLBVFZYB1zQhdNPcoPgIH/97vvI=
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
||||||
|
|
Binary file not shown.
|
@ -257,9 +257,13 @@ exports.Cluster = class Cluster {
|
||||||
// Add to esArgs if ssl is enabled
|
// Add to esArgs if ssl is enabled
|
||||||
if (this._ssl) {
|
if (this._ssl) {
|
||||||
esArgs.push('xpack.security.http.ssl.enabled=true');
|
esArgs.push('xpack.security.http.ssl.enabled=true');
|
||||||
esArgs.push(`xpack.security.http.ssl.keystore.path=${ES_P12_PATH}`);
|
|
||||||
esArgs.push(`xpack.security.http.ssl.keystore.type=PKCS12`);
|
// Include default keystore settings only if keystore isn't configured.
|
||||||
esArgs.push(`xpack.security.http.ssl.keystore.password=${ES_P12_PASSWORD}`);
|
if (!esArgs.some((arg) => arg.startsWith('xpack.security.http.ssl.keystore'))) {
|
||||||
|
esArgs.push(`xpack.security.http.ssl.keystore.path=${ES_P12_PATH}`);
|
||||||
|
esArgs.push(`xpack.security.http.ssl.keystore.type=PKCS12`);
|
||||||
|
esArgs.push(`xpack.security.http.ssl.keystore.password=${ES_P12_PASSWORD}`);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
const args = parseSettings(extractConfigFiles(esArgs, installPath, { log: this._log }), {
|
const args = parseSettings(extractConfigFiles(esArgs, installPath, { log: this._log }), {
|
||||||
|
|
|
@ -13,15 +13,12 @@ const { log: defaultLog } = require('./log');
|
||||||
|
|
||||||
exports.NativeRealm = class NativeRealm {
|
exports.NativeRealm = class NativeRealm {
|
||||||
constructor({ elasticPassword, port, log = defaultLog, ssl = false, caCert }) {
|
constructor({ elasticPassword, port, log = defaultLog, ssl = false, caCert }) {
|
||||||
this._client = new Client({
|
const auth = { username: 'elastic', password: elasticPassword };
|
||||||
node: `${ssl ? 'https' : 'http'}://elastic:${elasticPassword}@localhost:${port}`,
|
this._client = new Client(
|
||||||
ssl: ssl
|
ssl
|
||||||
? {
|
? { node: `https://localhost:${port}`, ssl: { ca: caCert, rejectUnauthorized: true }, auth }
|
||||||
ca: caCert,
|
: { node: `http://localhost:${port}`, auth }
|
||||||
rejectUnauthorized: true,
|
);
|
||||||
}
|
|
||||||
: undefined,
|
|
||||||
});
|
|
||||||
this._elasticPassword = elasticPassword;
|
this._elasticPassword = elasticPassword;
|
||||||
this._log = log;
|
this._log = log;
|
||||||
}
|
}
|
||||||
|
|
|
@ -169,7 +169,7 @@ export async function startServers({ ...options }: StartServerOptions) {
|
||||||
...opts,
|
...opts,
|
||||||
extraKbnOpts: [
|
extraKbnOpts: [
|
||||||
...options.extraKbnOpts,
|
...options.extraKbnOpts,
|
||||||
...(options.installDir ? [] : ['--dev', '--no-dev-config']),
|
...(options.installDir ? [] : ['--dev', '--no-dev-config', '--no-dev-credentials']),
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
});
|
});
|
||||||
|
|
|
@ -16,6 +16,7 @@ export class KbnClientPlugins {
|
||||||
public async getEnabledIds() {
|
public async getEnabledIds() {
|
||||||
const apiResp = await this.status.get();
|
const apiResp = await this.status.get();
|
||||||
|
|
||||||
return Object.keys(apiResp.status.plugins);
|
// Status may not be available at the `preboot` stage.
|
||||||
|
return Object.keys(apiResp.status?.plugins ?? {});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,6 +12,11 @@ const alwaysImportedTests = [
|
||||||
require.resolve('../test/plugin_functional/config.ts'),
|
require.resolve('../test/plugin_functional/config.ts'),
|
||||||
require.resolve('../test/ui_capabilities/newsfeed_err/config.ts'),
|
require.resolve('../test/ui_capabilities/newsfeed_err/config.ts'),
|
||||||
require.resolve('../test/new_visualize_flow/config.ts'),
|
require.resolve('../test/new_visualize_flow/config.ts'),
|
||||||
|
require.resolve('../test/interactive_setup_api_integration/enrollment_flow.config.ts'),
|
||||||
|
require.resolve('../test/interactive_setup_api_integration/manual_configuration_flow.config.ts'),
|
||||||
|
require.resolve(
|
||||||
|
'../test/interactive_setup_api_integration/manual_configuration_flow_without_tls.config.ts'
|
||||||
|
),
|
||||||
];
|
];
|
||||||
// eslint-disable-next-line no-restricted-syntax
|
// eslint-disable-next-line no-restricted-syntax
|
||||||
const onlyNotInCoverageTests = [
|
const onlyNotInCoverageTests = [
|
||||||
|
|
|
@ -67,7 +67,7 @@ function applyConfigOverrides(rawConfig, opts, extraCliOptions) {
|
||||||
delete extraCliOptions.env;
|
delete extraCliOptions.env;
|
||||||
|
|
||||||
if (opts.dev) {
|
if (opts.dev) {
|
||||||
if (!has('elasticsearch.serviceAccountToken')) {
|
if (!has('elasticsearch.serviceAccountToken') && opts.devCredentials !== false) {
|
||||||
if (!has('elasticsearch.username')) {
|
if (!has('elasticsearch.username')) {
|
||||||
set('elasticsearch.username', 'kibana_system');
|
set('elasticsearch.username', 'kibana_system');
|
||||||
}
|
}
|
||||||
|
@ -191,7 +191,11 @@ export default function (program) {
|
||||||
.option('--no-watch', 'Prevents automatic restarts of the server in --dev mode')
|
.option('--no-watch', 'Prevents automatic restarts of the server in --dev mode')
|
||||||
.option('--no-optimizer', 'Disable the kbn/optimizer completely')
|
.option('--no-optimizer', 'Disable the kbn/optimizer completely')
|
||||||
.option('--no-cache', 'Disable the kbn/optimizer cache')
|
.option('--no-cache', 'Disable the kbn/optimizer cache')
|
||||||
.option('--no-dev-config', 'Prevents loading the kibana.dev.yml file in --dev mode');
|
.option('--no-dev-config', 'Prevents loading the kibana.dev.yml file in --dev mode')
|
||||||
|
.option(
|
||||||
|
'--no-dev-credentials',
|
||||||
|
'Prevents setting default values for `elasticsearch.username` and `elasticsearch.password` in --dev mode'
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
command.action(async function (opts) {
|
command.action(async function (opts) {
|
||||||
|
|
|
@ -67,8 +67,13 @@ export class InteractiveSetupPlugin implements PrebootPlugin {
|
||||||
core.elasticsearch.config.hosts.length === 1 &&
|
core.elasticsearch.config.hosts.length === 1 &&
|
||||||
DEFAULT_ELASTICSEARCH_HOSTS.includes(core.elasticsearch.config.hosts[0]);
|
DEFAULT_ELASTICSEARCH_HOSTS.includes(core.elasticsearch.config.hosts[0]);
|
||||||
if (!shouldActiveSetupMode) {
|
if (!shouldActiveSetupMode) {
|
||||||
|
const reason = core.elasticsearch.config.credentialsSpecified
|
||||||
|
? 'Kibana system user credentials are specified'
|
||||||
|
: core.elasticsearch.config.hosts.length > 1
|
||||||
|
? 'more than one Elasticsearch host is specified'
|
||||||
|
: 'non-default Elasticsearch host is used';
|
||||||
this.#logger.debug(
|
this.#logger.debug(
|
||||||
'Interactive setup mode will not be activated since Elasticsearch connection is already configured.'
|
`Interactive setup mode will not be activated since Elasticsearch connection is already configured: ${reason}.`
|
||||||
);
|
);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,54 @@
|
||||||
|
/*
|
||||||
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
||||||
|
* or more contributor license agreements. Licensed under the Elastic License
|
||||||
|
* 2.0 and the Server Side Public License, v 1; you may not use this file except
|
||||||
|
* in compliance with, at your election, the Elastic License 2.0 or the Server
|
||||||
|
* Side Public License, v 1.
|
||||||
|
*/
|
||||||
|
|
||||||
|
import fs from 'fs/promises';
|
||||||
|
import { join, resolve } from 'path';
|
||||||
|
|
||||||
|
import type { FtrConfigProviderContext } from '@kbn/test';
|
||||||
|
import { getDataPath } from '@kbn/utils';
|
||||||
|
|
||||||
|
export default async function ({ readConfigFile }: FtrConfigProviderContext) {
|
||||||
|
const manualConfigurationFlowTestsConfig = await readConfigFile(
|
||||||
|
require.resolve('./manual_configuration_flow.config.ts')
|
||||||
|
);
|
||||||
|
|
||||||
|
const tempKibanaYamlFile = join(getDataPath(), `interactive_setup_kibana_${Date.now()}.yml`);
|
||||||
|
await fs.writeFile(tempKibanaYamlFile, '');
|
||||||
|
|
||||||
|
const caPath = resolve(__dirname, './fixtures/elasticsearch.p12');
|
||||||
|
|
||||||
|
return {
|
||||||
|
...manualConfigurationFlowTestsConfig.getAll(),
|
||||||
|
|
||||||
|
testFiles: [require.resolve('./tests/enrollment_flow')],
|
||||||
|
|
||||||
|
junit: {
|
||||||
|
reportName: 'Interactive Setup API Integration Tests (Enrollment flow)',
|
||||||
|
},
|
||||||
|
|
||||||
|
esTestCluster: {
|
||||||
|
...manualConfigurationFlowTestsConfig.get('esTestCluster'),
|
||||||
|
serverArgs: [
|
||||||
|
...manualConfigurationFlowTestsConfig.get('esTestCluster.serverArgs'),
|
||||||
|
'xpack.security.enrollment.enabled=true',
|
||||||
|
`xpack.security.http.ssl.keystore.path=${caPath}`,
|
||||||
|
'xpack.security.http.ssl.keystore.password=storepass',
|
||||||
|
],
|
||||||
|
},
|
||||||
|
|
||||||
|
kbnTestServer: {
|
||||||
|
...manualConfigurationFlowTestsConfig.get('kbnTestServer'),
|
||||||
|
serverArgs: [
|
||||||
|
...manualConfigurationFlowTestsConfig
|
||||||
|
.get('kbnTestServer.serverArgs')
|
||||||
|
.filter((arg: string) => !arg.startsWith('--config')),
|
||||||
|
`--config=${tempKibanaYamlFile}`,
|
||||||
|
],
|
||||||
|
},
|
||||||
|
};
|
||||||
|
}
|
32
test/interactive_setup_api_integration/fixtures/README.md
Normal file
32
test/interactive_setup_api_integration/fixtures/README.md
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
## Certificate generation
|
||||||
|
|
||||||
|
The Elasticsearch HTTP layer keystore is supposed to mimic the PKCS12 keystore that the elasticsearch startup script will auto-generate for a node. The keystore contains:
|
||||||
|
|
||||||
|
- A PrivateKeyEntry for the node's key and certificate for the HTTP layer
|
||||||
|
- A PrivateKeyEntry for the CA's key and certificate
|
||||||
|
- A TrustedCertificateEntry for the CA's certificate
|
||||||
|
|
||||||
|
```bash
|
||||||
|
$ES_HOME/bin/elasticsearch-certutil cert \
|
||||||
|
--out $KIBANA_HOME/test/interactive_setup_api_integration/fixtures/elasticsearch.p12 \
|
||||||
|
--ca $KIBANA_HOME/packages/kbn-dev-utils/certs/ca.p12 --ca-pass "castorepass" --pass "storepass" \
|
||||||
|
--dns=localhost --dns=localhost.localdomain --dns=localhost4 --dns=localhost4.localdomain4 \
|
||||||
|
--dns=localhost6 --dns=localhost6.localdomain6 \
|
||||||
|
--ip=127.0.0.1 --ip=0:0:0:0:0:0:0:1
|
||||||
|
```
|
||||||
|
|
||||||
|
Change the alias of the TrustedCertificateEntry so that it won't clash with the CA PrivateKeyEntry
|
||||||
|
```bash
|
||||||
|
keytool -changealias -alias ca -destalias cacert -keystore \
|
||||||
|
$KIBANA_HOME/test/interactive_setup_api_integration/fixtures/elasticsearch.p12 \
|
||||||
|
-deststorepass "storepass"
|
||||||
|
```
|
||||||
|
|
||||||
|
Import the CA PrivateKeyEntry
|
||||||
|
```bash
|
||||||
|
keytool -importkeystore \
|
||||||
|
-srckeystore $KIBANA_HOME/packages/kbn-dev-utils/certs/ca.p12 \
|
||||||
|
-srcstorepass "castorepass" \
|
||||||
|
-destkeystore $KIBANA_HOME/test/interactive_setup_api_integration/fixtures/elasticsearch.p12 \
|
||||||
|
-deststorepass "storepass"
|
||||||
|
```
|
Binary file not shown.
|
@ -0,0 +1,12 @@
|
||||||
|
{
|
||||||
|
"id": "interactiveSetupTestEndpoints",
|
||||||
|
"owner": {
|
||||||
|
"name": "Platform Security",
|
||||||
|
"githubTeam": "kibana-security"
|
||||||
|
},
|
||||||
|
"version": "8.0.0",
|
||||||
|
"kibanaVersion": "kibana",
|
||||||
|
"type": "preboot",
|
||||||
|
"server": true,
|
||||||
|
"ui": false
|
||||||
|
}
|
|
@ -0,0 +1,42 @@
|
||||||
|
/*
|
||||||
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
||||||
|
* or more contributor license agreements. Licensed under the Elastic License
|
||||||
|
* 2.0 and the Server Side Public License, v 1; you may not use this file except
|
||||||
|
* in compliance with, at your election, the Elastic License 2.0 or the Server
|
||||||
|
* Side Public License, v 1.
|
||||||
|
*/
|
||||||
|
|
||||||
|
import fs from 'fs/promises';
|
||||||
|
import path from 'path';
|
||||||
|
|
||||||
|
import type { PluginInitializer, PrebootPlugin } from 'kibana/server';
|
||||||
|
|
||||||
|
export const plugin: PluginInitializer<void, never> = (initializerContext): PrebootPlugin => ({
|
||||||
|
setup: (core) => {
|
||||||
|
core.http.registerRoutes('', (router) => {
|
||||||
|
router.get(
|
||||||
|
{
|
||||||
|
path: '/test_endpoints/verification_code',
|
||||||
|
validate: false,
|
||||||
|
options: { authRequired: false },
|
||||||
|
},
|
||||||
|
async (context, request, response) => {
|
||||||
|
// [HACK]: On CI tests are run from the different directories than the built and running Kibana instance. That
|
||||||
|
// means Kibana from a Directory A is running with the test plugins from a Directory B. The problem is that
|
||||||
|
// the data path that interactive setup plugin uses to store verification code is determined by the
|
||||||
|
// `__dirname` that depends on the physical location of the file where it's used. This is the reason why we
|
||||||
|
// end up with different data paths in Kibana built-in and test plugins. To workaround that we use Kibana
|
||||||
|
// `process.cwd()` to construct data path manually.
|
||||||
|
const verificationCodePath = path.join(process.cwd(), 'data', 'verification_code');
|
||||||
|
initializerContext.logger.get().info(`Will read code from ${verificationCodePath}`);
|
||||||
|
return response.ok({
|
||||||
|
body: {
|
||||||
|
verificationCode: (await fs.readFile(verificationCodePath)).toString(),
|
||||||
|
},
|
||||||
|
});
|
||||||
|
}
|
||||||
|
);
|
||||||
|
});
|
||||||
|
},
|
||||||
|
stop: () => {},
|
||||||
|
});
|
|
@ -0,0 +1,16 @@
|
||||||
|
{
|
||||||
|
"extends": "../../../../tsconfig.base.json",
|
||||||
|
"compilerOptions": {
|
||||||
|
"outDir": "./target/types",
|
||||||
|
"emitDeclarationOnly": true,
|
||||||
|
"declaration": true,
|
||||||
|
"declarationMap": true
|
||||||
|
},
|
||||||
|
"include": [
|
||||||
|
"server/**/*.ts",
|
||||||
|
],
|
||||||
|
"exclude": [],
|
||||||
|
"references": [
|
||||||
|
{ "path": "../../../../src/core/tsconfig.json" },
|
||||||
|
],
|
||||||
|
}
|
|
@ -0,0 +1,39 @@
|
||||||
|
/*
|
||||||
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
||||||
|
* or more contributor license agreements. Licensed under the Elastic License
|
||||||
|
* 2.0 and the Server Side Public License, v 1; you may not use this file except
|
||||||
|
* in compliance with, at your election, the Elastic License 2.0 or the Server
|
||||||
|
* Side Public License, v 1.
|
||||||
|
*/
|
||||||
|
|
||||||
|
import { delay } from 'bluebird';
|
||||||
|
|
||||||
|
import expect from '@kbn/expect';
|
||||||
|
|
||||||
|
import type { FtrProviderContext } from '../ftr_provider_context';
|
||||||
|
|
||||||
|
export async function hasKibanaBooted(context: FtrProviderContext) {
|
||||||
|
const supertest = context.getService('supertest');
|
||||||
|
const log = context.getService('log');
|
||||||
|
|
||||||
|
// Run 30 consecutive requests with 1.5s delay to check if Kibana is up and running.
|
||||||
|
let kibanaHasBooted = false;
|
||||||
|
for (const counter of [...Array(30).keys()]) {
|
||||||
|
await delay(1500);
|
||||||
|
|
||||||
|
try {
|
||||||
|
expect((await supertest.get('/api/status').expect(200)).body).to.have.keys([
|
||||||
|
'version',
|
||||||
|
'status',
|
||||||
|
]);
|
||||||
|
|
||||||
|
log.debug(`Kibana has booted after ${(counter + 1) * 1.5}s.`);
|
||||||
|
kibanaHasBooted = true;
|
||||||
|
break;
|
||||||
|
} catch (err) {
|
||||||
|
log.debug(`Kibana is still booting after ${(counter + 1) * 1.5}s due to: ${err.message}`);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return kibanaHasBooted;
|
||||||
|
}
|
30
test/interactive_setup_api_integration/fixtures/tls_tools.ts
Normal file
30
test/interactive_setup_api_integration/fixtures/tls_tools.ts
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
/*
|
||||||
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
||||||
|
* or more contributor license agreements. Licensed under the Elastic License
|
||||||
|
* 2.0 and the Server Side Public License, v 1; you may not use this file except
|
||||||
|
* in compliance with, at your election, the Elastic License 2.0 or the Server
|
||||||
|
* Side Public License, v 1.
|
||||||
|
*/
|
||||||
|
|
||||||
|
import tls from 'tls';
|
||||||
|
|
||||||
|
export async function getElasticsearchCaCertificate(host: string, port: string) {
|
||||||
|
let peerCertificate = await new Promise<tls.DetailedPeerCertificate>((resolve, reject) => {
|
||||||
|
const socket = tls.connect({ host, port: Number(port), rejectUnauthorized: false });
|
||||||
|
socket.once('secureConnect', () => {
|
||||||
|
const cert = socket.getPeerCertificate(true);
|
||||||
|
socket.destroy();
|
||||||
|
resolve(cert);
|
||||||
|
});
|
||||||
|
socket.once('error', reject);
|
||||||
|
});
|
||||||
|
|
||||||
|
while (
|
||||||
|
peerCertificate.issuerCertificate &&
|
||||||
|
peerCertificate.fingerprint256 !== peerCertificate.issuerCertificate.fingerprint256
|
||||||
|
) {
|
||||||
|
peerCertificate = peerCertificate.issuerCertificate;
|
||||||
|
}
|
||||||
|
|
||||||
|
return peerCertificate;
|
||||||
|
}
|
13
test/interactive_setup_api_integration/ftr_provider_context.d.ts
vendored
Normal file
13
test/interactive_setup_api_integration/ftr_provider_context.d.ts
vendored
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
/*
|
||||||
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
||||||
|
* or more contributor license agreements. Licensed under the Elastic License
|
||||||
|
* 2.0 and the Server Side Public License, v 1; you may not use this file except
|
||||||
|
* in compliance with, at your election, the Elastic License 2.0 or the Server
|
||||||
|
* Side Public License, v 1.
|
||||||
|
*/
|
||||||
|
|
||||||
|
import type { GenericFtrProviderContext } from '@kbn/test';
|
||||||
|
|
||||||
|
import type { services } from './services';
|
||||||
|
|
||||||
|
export type FtrProviderContext = GenericFtrProviderContext<typeof services, {}>;
|
|
@ -0,0 +1,55 @@
|
||||||
|
/*
|
||||||
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
||||||
|
* or more contributor license agreements. Licensed under the Elastic License
|
||||||
|
* 2.0 and the Server Side Public License, v 1; you may not use this file except
|
||||||
|
* in compliance with, at your election, the Elastic License 2.0 or the Server
|
||||||
|
* Side Public License, v 1.
|
||||||
|
*/
|
||||||
|
|
||||||
|
import fs from 'fs/promises';
|
||||||
|
import { join } from 'path';
|
||||||
|
|
||||||
|
import type { FtrConfigProviderContext } from '@kbn/test';
|
||||||
|
import { getDataPath } from '@kbn/utils';
|
||||||
|
|
||||||
|
export default async function ({ readConfigFile }: FtrConfigProviderContext) {
|
||||||
|
const manualConfigurationFlowWithoutTlsTestsConfig = await readConfigFile(
|
||||||
|
require.resolve('./manual_configuration_flow_without_tls.config.ts')
|
||||||
|
);
|
||||||
|
|
||||||
|
const tempKibanaYamlFile = join(getDataPath(), `interactive_setup_kibana_${Date.now()}.yml`);
|
||||||
|
await fs.writeFile(tempKibanaYamlFile, '');
|
||||||
|
|
||||||
|
return {
|
||||||
|
...manualConfigurationFlowWithoutTlsTestsConfig.getAll(),
|
||||||
|
|
||||||
|
testFiles: [require.resolve('./tests/manual_configuration_flow')],
|
||||||
|
|
||||||
|
servers: {
|
||||||
|
...manualConfigurationFlowWithoutTlsTestsConfig.get('servers'),
|
||||||
|
elasticsearch: {
|
||||||
|
...manualConfigurationFlowWithoutTlsTestsConfig.get('servers.elasticsearch'),
|
||||||
|
protocol: 'https',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
|
||||||
|
junit: {
|
||||||
|
reportName: 'Interactive Setup API Integration Tests (Manual configuration flow)',
|
||||||
|
},
|
||||||
|
|
||||||
|
esTestCluster: {
|
||||||
|
...manualConfigurationFlowWithoutTlsTestsConfig.get('esTestCluster'),
|
||||||
|
ssl: true,
|
||||||
|
},
|
||||||
|
|
||||||
|
kbnTestServer: {
|
||||||
|
...manualConfigurationFlowWithoutTlsTestsConfig.get('kbnTestServer'),
|
||||||
|
serverArgs: [
|
||||||
|
...manualConfigurationFlowWithoutTlsTestsConfig
|
||||||
|
.get('kbnTestServer.serverArgs')
|
||||||
|
.filter((arg: string) => !arg.startsWith('--config')),
|
||||||
|
`--config=${tempKibanaYamlFile}`,
|
||||||
|
],
|
||||||
|
},
|
||||||
|
};
|
||||||
|
}
|
|
@ -0,0 +1,57 @@
|
||||||
|
/*
|
||||||
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
||||||
|
* or more contributor license agreements. Licensed under the Elastic License
|
||||||
|
* 2.0 and the Server Side Public License, v 1; you may not use this file except
|
||||||
|
* in compliance with, at your election, the Elastic License 2.0 or the Server
|
||||||
|
* Side Public License, v 1.
|
||||||
|
*/
|
||||||
|
|
||||||
|
import fs from 'fs/promises';
|
||||||
|
import { join, resolve } from 'path';
|
||||||
|
|
||||||
|
import type { FtrConfigProviderContext } from '@kbn/test';
|
||||||
|
import { getDataPath } from '@kbn/utils';
|
||||||
|
|
||||||
|
import { services } from './services';
|
||||||
|
|
||||||
|
export default async function ({ readConfigFile }: FtrConfigProviderContext) {
|
||||||
|
const xPackAPITestsConfig = await readConfigFile(require.resolve('../api_integration/config'));
|
||||||
|
|
||||||
|
const testEndpointsPlugin = resolve(__dirname, './fixtures/test_endpoints');
|
||||||
|
|
||||||
|
const tempKibanaYamlFile = join(getDataPath(), `interactive_setup_kibana_${Date.now()}.yml`);
|
||||||
|
await fs.writeFile(tempKibanaYamlFile, '');
|
||||||
|
|
||||||
|
return {
|
||||||
|
testFiles: [require.resolve('./tests/manual_configuration_flow_without_tls')],
|
||||||
|
servers: xPackAPITestsConfig.get('servers'),
|
||||||
|
services,
|
||||||
|
junit: {
|
||||||
|
reportName: 'Interactive Setup API Integration Tests (Manual configuration flow without TLS)',
|
||||||
|
},
|
||||||
|
|
||||||
|
esTestCluster: {
|
||||||
|
...xPackAPITestsConfig.get('esTestCluster'),
|
||||||
|
serverArgs: [
|
||||||
|
...xPackAPITestsConfig.get('esTestCluster.serverArgs'),
|
||||||
|
'xpack.security.enabled=true',
|
||||||
|
],
|
||||||
|
},
|
||||||
|
|
||||||
|
kbnTestServer: {
|
||||||
|
...xPackAPITestsConfig.get('kbnTestServer'),
|
||||||
|
serverArgs: [
|
||||||
|
...xPackAPITestsConfig
|
||||||
|
.get('kbnTestServer.serverArgs')
|
||||||
|
.filter((arg: string) => !arg.startsWith('--elasticsearch.')),
|
||||||
|
`--plugin-path=${testEndpointsPlugin}`,
|
||||||
|
`--config=${tempKibanaYamlFile}`,
|
||||||
|
'--interactiveSetup.enabled=true',
|
||||||
|
],
|
||||||
|
runOptions: {
|
||||||
|
...xPackAPITestsConfig.get('kbnTestServer.runOptions'),
|
||||||
|
wait: /Kibana has not been configured/,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
};
|
||||||
|
}
|
13
test/interactive_setup_api_integration/services.ts
Normal file
13
test/interactive_setup_api_integration/services.ts
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
/*
|
||||||
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
||||||
|
* or more contributor license agreements. Licensed under the Elastic License
|
||||||
|
* 2.0 and the Server Side Public License, v 1; you may not use this file except
|
||||||
|
* in compliance with, at your election, the Elastic License 2.0 or the Server
|
||||||
|
* Side Public License, v 1.
|
||||||
|
*/
|
||||||
|
|
||||||
|
import { services as apiIntegrationServices } from '../api_integration/services';
|
||||||
|
|
||||||
|
export const services = {
|
||||||
|
...apiIntegrationServices,
|
||||||
|
};
|
151
test/interactive_setup_api_integration/tests/enrollment_flow.ts
Normal file
151
test/interactive_setup_api_integration/tests/enrollment_flow.ts
Normal file
|
@ -0,0 +1,151 @@
|
||||||
|
/*
|
||||||
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
||||||
|
* or more contributor license agreements. Licensed under the Elastic License
|
||||||
|
* 2.0 and the Server Side Public License, v 1; you may not use this file except
|
||||||
|
* in compliance with, at your election, the Elastic License 2.0 or the Server
|
||||||
|
* Side Public License, v 1.
|
||||||
|
*/
|
||||||
|
|
||||||
|
import expect from '@kbn/expect';
|
||||||
|
import { getUrl } from '@kbn/test';
|
||||||
|
|
||||||
|
import { hasKibanaBooted } from '../fixtures/test_helpers';
|
||||||
|
import { getElasticsearchCaCertificate } from '../fixtures/tls_tools';
|
||||||
|
import type { FtrProviderContext } from '../ftr_provider_context';
|
||||||
|
|
||||||
|
export default function (context: FtrProviderContext) {
|
||||||
|
const supertest = context.getService('supertest');
|
||||||
|
const es = context.getService('es');
|
||||||
|
const log = context.getService('log');
|
||||||
|
const config = context.getService('config');
|
||||||
|
|
||||||
|
describe('Interactive setup APIs - Enrollment flow', function () {
|
||||||
|
this.tags(['skipCloud', 'ciGroup2']);
|
||||||
|
|
||||||
|
let kibanaVerificationCode: string;
|
||||||
|
let elasticsearchCaFingerprint: string;
|
||||||
|
before(async () => {
|
||||||
|
const esServerConfig = config.get('servers.elasticsearch');
|
||||||
|
elasticsearchCaFingerprint = (
|
||||||
|
await getElasticsearchCaCertificate(esServerConfig.host, esServerConfig.port)
|
||||||
|
).fingerprint256.replace(/:/g, '');
|
||||||
|
|
||||||
|
kibanaVerificationCode = (
|
||||||
|
await supertest.get('/test_endpoints/verification_code').expect(200)
|
||||||
|
).body.verificationCode;
|
||||||
|
});
|
||||||
|
|
||||||
|
let enrollmentAPIKey: string;
|
||||||
|
beforeEach(async () => {
|
||||||
|
const apiResponse = await es.security.createApiKey({ body: { name: 'enrollment_api_key' } });
|
||||||
|
enrollmentAPIKey = Buffer.from(`${apiResponse.body.id}:${apiResponse.body.api_key}`).toString(
|
||||||
|
'base64'
|
||||||
|
);
|
||||||
|
});
|
||||||
|
|
||||||
|
afterEach(async () => {
|
||||||
|
await es.security.invalidateApiKey({ body: { name: 'enrollment_api_key' } });
|
||||||
|
});
|
||||||
|
|
||||||
|
it('fails to enroll with invalid authentication code', async () => {
|
||||||
|
const esHost = getUrl.baseUrl(config.get('servers.elasticsearch'));
|
||||||
|
const enrollPayload = {
|
||||||
|
apiKey: enrollmentAPIKey,
|
||||||
|
code: '000000',
|
||||||
|
caFingerprint: elasticsearchCaFingerprint,
|
||||||
|
hosts: [esHost],
|
||||||
|
};
|
||||||
|
|
||||||
|
log.debug(`Enroll payload ${JSON.stringify(enrollPayload)}`);
|
||||||
|
|
||||||
|
await supertest
|
||||||
|
.post('/internal/interactive_setup/enroll')
|
||||||
|
.set('kbn-xsrf', 'xxx')
|
||||||
|
.send(enrollPayload)
|
||||||
|
.expect(403, { statusCode: 403, error: 'Forbidden', message: 'Forbidden' });
|
||||||
|
});
|
||||||
|
|
||||||
|
it('fails to enroll with invalid CA fingerprint', async () => {
|
||||||
|
const esHost = getUrl.baseUrl(config.get('servers.elasticsearch'));
|
||||||
|
const enrollPayload = {
|
||||||
|
apiKey: enrollmentAPIKey,
|
||||||
|
code: kibanaVerificationCode,
|
||||||
|
caFingerprint: '3FDAEE71A3604070E6AE6B01412D19772DE5AE129F69C413F0453B293D9BE65D',
|
||||||
|
hosts: [esHost],
|
||||||
|
};
|
||||||
|
|
||||||
|
log.debug(`Enroll payload ${JSON.stringify(enrollPayload)}`);
|
||||||
|
|
||||||
|
await supertest
|
||||||
|
.post('/internal/interactive_setup/enroll')
|
||||||
|
.set('kbn-xsrf', 'xxx')
|
||||||
|
.send(enrollPayload)
|
||||||
|
.expect(500, {
|
||||||
|
statusCode: 500,
|
||||||
|
error: 'Internal Server Error',
|
||||||
|
message: 'Failed to enroll.',
|
||||||
|
attributes: { type: 'enroll_failure' },
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
it('fails to enroll with invalid api key', async function () {
|
||||||
|
const esServerConfig = config.get('servers.elasticsearch');
|
||||||
|
const enrollPayload = {
|
||||||
|
apiKey: enrollmentAPIKey,
|
||||||
|
code: kibanaVerificationCode,
|
||||||
|
caFingerprint: elasticsearchCaFingerprint,
|
||||||
|
hosts: [getUrl.baseUrl(esServerConfig)],
|
||||||
|
};
|
||||||
|
|
||||||
|
log.debug(`Enroll payload ${JSON.stringify(enrollPayload)}`);
|
||||||
|
|
||||||
|
// Invalidate API key.
|
||||||
|
await es.security.invalidateApiKey({ body: { name: 'enrollment_api_key' } });
|
||||||
|
|
||||||
|
await supertest
|
||||||
|
.post('/internal/interactive_setup/enroll')
|
||||||
|
.set('kbn-xsrf', 'xxx')
|
||||||
|
.send(enrollPayload)
|
||||||
|
.expect(500, {
|
||||||
|
statusCode: 500,
|
||||||
|
error: 'Internal Server Error',
|
||||||
|
message: 'Failed to enroll.',
|
||||||
|
attributes: { type: 'enroll_failure' },
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should be able to enroll with valid authentication code', async function () {
|
||||||
|
this.timeout(60000);
|
||||||
|
|
||||||
|
const esServerConfig = config.get('servers.elasticsearch');
|
||||||
|
const enrollPayload = {
|
||||||
|
apiKey: enrollmentAPIKey,
|
||||||
|
code: kibanaVerificationCode,
|
||||||
|
caFingerprint: elasticsearchCaFingerprint,
|
||||||
|
hosts: [getUrl.baseUrl(esServerConfig)],
|
||||||
|
};
|
||||||
|
|
||||||
|
log.debug(`Enroll payload ${JSON.stringify(enrollPayload)}`);
|
||||||
|
|
||||||
|
await supertest
|
||||||
|
.post('/internal/interactive_setup/enroll')
|
||||||
|
.set('kbn-xsrf', 'xxx')
|
||||||
|
.send(enrollPayload)
|
||||||
|
.expect(204, {});
|
||||||
|
|
||||||
|
// Enroll should no longer accept requests.
|
||||||
|
await supertest
|
||||||
|
.post('/internal/interactive_setup/enroll')
|
||||||
|
.set('kbn-xsrf', 'xxx')
|
||||||
|
.send(enrollPayload)
|
||||||
|
.expect(400, {
|
||||||
|
error: 'Bad Request',
|
||||||
|
message: 'Cannot process request outside of preboot stage.',
|
||||||
|
statusCode: 400,
|
||||||
|
attributes: { type: 'outside_preboot_stage' },
|
||||||
|
});
|
||||||
|
|
||||||
|
expect(await hasKibanaBooted(context)).to.be(true);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
}
|
|
@ -0,0 +1,136 @@
|
||||||
|
/*
|
||||||
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
||||||
|
* or more contributor license agreements. Licensed under the Elastic License
|
||||||
|
* 2.0 and the Server Side Public License, v 1; you may not use this file except
|
||||||
|
* in compliance with, at your election, the Elastic License 2.0 or the Server
|
||||||
|
* Side Public License, v 1.
|
||||||
|
*/
|
||||||
|
|
||||||
|
import expect from '@kbn/expect';
|
||||||
|
import { getUrl, kibanaServerTestUser } from '@kbn/test';
|
||||||
|
|
||||||
|
import { hasKibanaBooted } from '../fixtures/test_helpers';
|
||||||
|
import { getElasticsearchCaCertificate } from '../fixtures/tls_tools';
|
||||||
|
import type { FtrProviderContext } from '../ftr_provider_context';
|
||||||
|
|
||||||
|
export default function (context: FtrProviderContext) {
|
||||||
|
const supertest = context.getService('supertest');
|
||||||
|
const log = context.getService('log');
|
||||||
|
const config = context.getService('config');
|
||||||
|
|
||||||
|
describe('Interactive setup APIs - Manual configuration flow', function () {
|
||||||
|
this.tags(['skipCloud', 'ciGroup2']);
|
||||||
|
|
||||||
|
let kibanaVerificationCode: string;
|
||||||
|
let elasticsearchCaCertificate: string;
|
||||||
|
before(async () => {
|
||||||
|
const esServerConfig = config.get('servers.elasticsearch');
|
||||||
|
elasticsearchCaCertificate = (
|
||||||
|
await getElasticsearchCaCertificate(esServerConfig.host, esServerConfig.port)
|
||||||
|
).raw.toString('base64');
|
||||||
|
|
||||||
|
kibanaVerificationCode = (
|
||||||
|
await supertest.get('/test_endpoints/verification_code').expect(200)
|
||||||
|
).body.verificationCode;
|
||||||
|
});
|
||||||
|
|
||||||
|
it('fails to configure with invalid authentication code', async () => {
|
||||||
|
const esServerConfig = config.get('servers.elasticsearch');
|
||||||
|
const configurePayload = {
|
||||||
|
host: getUrl.baseUrl(esServerConfig),
|
||||||
|
code: '000000',
|
||||||
|
caCert: elasticsearchCaCertificate,
|
||||||
|
...kibanaServerTestUser,
|
||||||
|
};
|
||||||
|
|
||||||
|
log.debug(`Configure payload ${JSON.stringify(configurePayload)}`);
|
||||||
|
|
||||||
|
await supertest
|
||||||
|
.post('/internal/interactive_setup/configure')
|
||||||
|
.set('kbn-xsrf', 'xxx')
|
||||||
|
.send(configurePayload)
|
||||||
|
.expect(403, { statusCode: 403, error: 'Forbidden', message: 'Forbidden' });
|
||||||
|
});
|
||||||
|
|
||||||
|
it('fails to configure with invalid CA certificate', async () => {
|
||||||
|
const esServerConfig = config.get('servers.elasticsearch');
|
||||||
|
const configurePayload = {
|
||||||
|
host: getUrl.baseUrl(esServerConfig),
|
||||||
|
code: kibanaVerificationCode,
|
||||||
|
caCert: elasticsearchCaCertificate.split('').reverse().join(''),
|
||||||
|
...kibanaServerTestUser,
|
||||||
|
};
|
||||||
|
|
||||||
|
log.debug(`Configure payload ${JSON.stringify(configurePayload)}`);
|
||||||
|
|
||||||
|
await supertest
|
||||||
|
.post('/internal/interactive_setup/configure')
|
||||||
|
.set('kbn-xsrf', 'xxx')
|
||||||
|
.send(configurePayload)
|
||||||
|
.expect(500, {
|
||||||
|
statusCode: 500,
|
||||||
|
error: 'Internal Server Error',
|
||||||
|
message: 'Failed to configure.',
|
||||||
|
attributes: { type: 'configure_failure' },
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
it('fails to configure with invalid credentials', async function () {
|
||||||
|
const esServerConfig = config.get('servers.elasticsearch');
|
||||||
|
const configurePayload = {
|
||||||
|
host: getUrl.baseUrl(esServerConfig),
|
||||||
|
code: kibanaVerificationCode,
|
||||||
|
caCert: elasticsearchCaCertificate,
|
||||||
|
...kibanaServerTestUser,
|
||||||
|
password: 'no-way',
|
||||||
|
};
|
||||||
|
|
||||||
|
log.debug(`Configure payload ${JSON.stringify(configurePayload)}`);
|
||||||
|
|
||||||
|
await supertest
|
||||||
|
.post('/internal/interactive_setup/configure')
|
||||||
|
.set('kbn-xsrf', 'xxx')
|
||||||
|
.send(configurePayload)
|
||||||
|
.expect(500, {
|
||||||
|
statusCode: 500,
|
||||||
|
error: 'Internal Server Error',
|
||||||
|
message: 'Failed to configure.',
|
||||||
|
attributes: { type: 'configure_failure' },
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should be able to configure with valid authentication code', async function () {
|
||||||
|
this.timeout(60000);
|
||||||
|
|
||||||
|
const esServerConfig = config.get('servers.elasticsearch');
|
||||||
|
const configurePayload = {
|
||||||
|
host: getUrl.baseUrl(esServerConfig),
|
||||||
|
code: kibanaVerificationCode,
|
||||||
|
caCert: elasticsearchCaCertificate,
|
||||||
|
...kibanaServerTestUser,
|
||||||
|
};
|
||||||
|
|
||||||
|
log.debug(`Configure payload ${JSON.stringify(configurePayload)}`);
|
||||||
|
|
||||||
|
await supertest
|
||||||
|
.post('/internal/interactive_setup/configure')
|
||||||
|
.set('kbn-xsrf', 'xxx')
|
||||||
|
.send(configurePayload)
|
||||||
|
.expect(204, {});
|
||||||
|
|
||||||
|
// Configure should no longer accept requests.
|
||||||
|
await supertest
|
||||||
|
.post('/internal/interactive_setup/configure')
|
||||||
|
.set('kbn-xsrf', 'xxx')
|
||||||
|
.send(configurePayload)
|
||||||
|
.expect(400, {
|
||||||
|
error: 'Bad Request',
|
||||||
|
message: 'Cannot process request outside of preboot stage.',
|
||||||
|
statusCode: 400,
|
||||||
|
attributes: { type: 'outside_preboot_stage' },
|
||||||
|
});
|
||||||
|
|
||||||
|
expect(await hasKibanaBooted(context)).to.be(true);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
}
|
|
@ -0,0 +1,103 @@
|
||||||
|
/*
|
||||||
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
||||||
|
* or more contributor license agreements. Licensed under the Elastic License
|
||||||
|
* 2.0 and the Server Side Public License, v 1; you may not use this file except
|
||||||
|
* in compliance with, at your election, the Elastic License 2.0 or the Server
|
||||||
|
* Side Public License, v 1.
|
||||||
|
*/
|
||||||
|
|
||||||
|
import expect from '@kbn/expect';
|
||||||
|
import { getUrl, kibanaServerTestUser } from '@kbn/test';
|
||||||
|
|
||||||
|
import { hasKibanaBooted } from '../fixtures/test_helpers';
|
||||||
|
import type { FtrProviderContext } from '../ftr_provider_context';
|
||||||
|
|
||||||
|
export default function (context: FtrProviderContext) {
|
||||||
|
const supertest = context.getService('supertest');
|
||||||
|
const log = context.getService('log');
|
||||||
|
const config = context.getService('config');
|
||||||
|
|
||||||
|
describe('Interactive setup APIs - Manual configuration flow without TLS', function () {
|
||||||
|
this.tags(['skipCloud', 'ciGroup2']);
|
||||||
|
|
||||||
|
let kibanaVerificationCode: string;
|
||||||
|
before(async () => {
|
||||||
|
kibanaVerificationCode = (
|
||||||
|
await supertest.get('/test_endpoints/verification_code').expect(200)
|
||||||
|
).body.verificationCode;
|
||||||
|
});
|
||||||
|
|
||||||
|
it('fails to configure with invalid authentication code', async () => {
|
||||||
|
const esServerConfig = config.get('servers.elasticsearch');
|
||||||
|
const configurePayload = {
|
||||||
|
host: getUrl.baseUrl(esServerConfig),
|
||||||
|
code: '000000',
|
||||||
|
...kibanaServerTestUser,
|
||||||
|
};
|
||||||
|
|
||||||
|
log.debug(`Configure payload ${JSON.stringify(configurePayload)}`);
|
||||||
|
|
||||||
|
await supertest
|
||||||
|
.post('/internal/interactive_setup/configure')
|
||||||
|
.set('kbn-xsrf', 'xxx')
|
||||||
|
.send(configurePayload)
|
||||||
|
.expect(403, { statusCode: 403, error: 'Forbidden', message: 'Forbidden' });
|
||||||
|
});
|
||||||
|
|
||||||
|
it('fails to configure with invalid credentials', async function () {
|
||||||
|
const esServerConfig = config.get('servers.elasticsearch');
|
||||||
|
const configurePayload = {
|
||||||
|
host: getUrl.baseUrl(esServerConfig),
|
||||||
|
code: kibanaVerificationCode,
|
||||||
|
...kibanaServerTestUser,
|
||||||
|
password: 'no-way',
|
||||||
|
};
|
||||||
|
|
||||||
|
log.debug(`Configure payload ${JSON.stringify(configurePayload)}`);
|
||||||
|
|
||||||
|
await supertest
|
||||||
|
.post('/internal/interactive_setup/configure')
|
||||||
|
.set('kbn-xsrf', 'xxx')
|
||||||
|
.send(configurePayload)
|
||||||
|
.expect(500, {
|
||||||
|
statusCode: 500,
|
||||||
|
error: 'Internal Server Error',
|
||||||
|
message: 'Failed to configure.',
|
||||||
|
attributes: { type: 'configure_failure' },
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should be able to configure with valid authentication code', async function () {
|
||||||
|
this.timeout(60000);
|
||||||
|
|
||||||
|
const esServerConfig = config.get('servers.elasticsearch');
|
||||||
|
const configurePayload = {
|
||||||
|
host: getUrl.baseUrl(esServerConfig),
|
||||||
|
code: kibanaVerificationCode,
|
||||||
|
...kibanaServerTestUser,
|
||||||
|
};
|
||||||
|
|
||||||
|
log.debug(`Configure payload ${JSON.stringify(configurePayload)}`);
|
||||||
|
|
||||||
|
await supertest
|
||||||
|
.post('/internal/interactive_setup/configure')
|
||||||
|
.set('kbn-xsrf', 'xxx')
|
||||||
|
.send(configurePayload)
|
||||||
|
.expect(204, {});
|
||||||
|
|
||||||
|
// Configure should no longer accept requests.
|
||||||
|
await supertest
|
||||||
|
.post('/internal/interactive_setup/configure')
|
||||||
|
.set('kbn-xsrf', 'xxx')
|
||||||
|
.send(configurePayload)
|
||||||
|
.expect(400, {
|
||||||
|
error: 'Bad Request',
|
||||||
|
message: 'Cannot process request outside of preboot stage.',
|
||||||
|
statusCode: 400,
|
||||||
|
attributes: { type: 'outside_preboot_stage' },
|
||||||
|
});
|
||||||
|
|
||||||
|
expect(await hasKibanaBooted(context)).to.be(true);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
}
|
|
@ -53,6 +53,7 @@
|
||||||
{ "path": "../src/plugins/usage_collection/tsconfig.json" },
|
{ "path": "../src/plugins/usage_collection/tsconfig.json" },
|
||||||
{ "path": "../src/plugins/index_pattern_management/tsconfig.json" },
|
{ "path": "../src/plugins/index_pattern_management/tsconfig.json" },
|
||||||
{ "path": "../src/plugins/visualize/tsconfig.json" },
|
{ "path": "../src/plugins/visualize/tsconfig.json" },
|
||||||
|
{ "path": "interactive_setup_api_integration/fixtures/test_endpoints/tsconfig.json" },
|
||||||
{ "path": "plugin_functional/plugins/core_app_status/tsconfig.json" },
|
{ "path": "plugin_functional/plugins/core_app_status/tsconfig.json" },
|
||||||
{ "path": "plugin_functional/plugins/core_provider_plugin/tsconfig.json" },
|
{ "path": "plugin_functional/plugins/core_provider_plugin/tsconfig.json" },
|
||||||
{ "path": "server_integration/__fixtures__/plugins/status_plugin_a/tsconfig.json" },
|
{ "path": "server_integration/__fixtures__/plugins/status_plugin_a/tsconfig.json" },
|
||||||
|
|
|
@ -7,25 +7,24 @@
|
||||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
<ds:X509Data>
|
<ds:X509Data>
|
||||||
<!-- This certificate is extracted from KBN_CERT_PATH in @kbn/dev-utils and should always be in sync with it -->
|
<!-- This certificate is extracted from KBN_CERT_PATH in @kbn/dev-utils and should always be in sync with it -->
|
||||||
<ds:X509Certificate>MIIDOTCCAiGgAwIBAgIVANNWkg9lzNiLqNkMFhFKHcXyaZmqMA0GCSqGSIb3DQEB
|
<ds:X509Certificate>MIIDOTCCAiGgAwIBAgIVAN0GVNLw3IaUBuG7t6CeW8w2wyymMA0GCSqGSIb3DQEB
|
||||||
CwUAMDQxMjAwBgNVBAMTKUVsYXN0aWMgQ2VydGlmaWNhdGUgVG9vbCBBdXRvZ2Vu
|
CwUAMDQxMjAwBgNVBAMTKUVsYXN0aWMgQ2VydGlmaWNhdGUgVG9vbCBBdXRvZ2Vu
|
||||||
ZXJhdGVkIENBMCAXDTE5MTIyNzE3MDM0MloYDzIwNjkxMjE0MTcwMzQyWjARMQ8w
|
ZXJhdGVkIENBMCAXDTIxMTAxMzEwMTU1OFoYDzIwNzExMDAxMTAxNTU4WjARMQ8w
|
||||||
DQYDVQQDEwZraWJhbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQ
|
DQYDVQQDEwZraWJhbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3
|
||||||
wYYbQtbRBKJ4uNZc2+IgRU+7NNL21ZebQlEIMgK7jAqOMrsW2b5DATz41Fd+GQFU
|
nvfL3/26D8EkLso+t9S0m+tSJipLsBWs0dCpc8KRJ/+ijDRnAQ5lOmOAcxt43SNY
|
||||||
FUYYjwo+PQj6sJHshOJo/gNb32HrydvMI7YPvevkszkuEGCfXxQ3Dw2RTACLgD0Q
|
KFr0EntQEZyYaRwMIM8aPR0WYW/VV5o4fq2o/JnmHqzZJRJCwZq+5WiCiDPt012N
|
||||||
OCkwHvn3TMf0loloV/ePGWaZDYZaXi3a5DdWi/HFFoJysgF0JV2f6XyKhJkGaEfJ
|
mRGYCMUxjlEwejue6diLAeQhZ/sfN4jUp217bMEHrhHrNBWTwwJ+Uk5TBQMhviCW
|
||||||
s9pWX269zH/XQvGNx4BEimJpYB8h4JnDYPFIiQdqj+sl2b+kS1hH9kL5gBAMXjFU
|
LKbsKrfluA6DGHWrXN4pH7Xmaf/Zyc9AYL/nxwv3VQHZzIAK/U/WNCgFJJ3qoFYY
|
||||||
vcNnX+PmyTjyJrGo75k0ku+spBf1bMwuQt3uSmM+TQIXkvFDmS0DOVESrpA5EC1T
|
6TUwDDNa30mSj165OOds9N+VmUlDC3IFiHV3osBWscSU4HJd6QJ8huHrFLLV4y4i
|
||||||
BUGRz6o/I88Xx4Mud771AgMBAAGjYzBhMB0GA1UdDgQWBBQLB1Eo23M3Ss8MsFaz
|
u62el47Qr+/8Ut3SzeIXAgMBAAGjYzBhMB0GA1UdDgQWBBQli5f2bYL9jKUA5Uxp
|
||||||
V+Twcb3PmDAfBgNVHSMEGDAWgBQa7SYOe8NGcF00EbwPHA91YCsHSTAUBgNVHREE
|
yRRHeCoPJzAfBgNVHSMEGDAWgBQwTCrAjlvQxik3HBocn1PDUunenjAUBgNVHREE
|
||||||
DTALgglsb2NhbGhvc3QwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAnEl/
|
DTALgglsb2NhbGhvc3QwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEATFNj
|
||||||
z5IElIjvkK4AgMPrNcRlvIGDt2orEik7b6Jsq6/RiJQ7cSsYTZf7xbqyxNsUOTxv
|
WkTBPfgflGYZD4OsYvfT/rVjFKbJP/u1a0rkzNamA2QKNzI9JTOzONPTyRhe9yVS
|
||||||
+frj47MEN448H2nRvUxH29YR3XygV5aEwADSAhwaQWn0QfWTCZbJTmSoNEDtDOzX
|
zeO8X2rtN63l38dtgMjFQ15Xxnp7GFT7GkXfa1JR+tGSGTgVld8nLUzig+mNmBoR
|
||||||
TGDlAoCD9s9Xz9S1JpxY4H+WWRZrBSDM6SC1c6CzuEeZRuScNAjYD5mh2v6fOlSy
|
nE4cNc0JJ1PsXPzfPgJ6WMp2WOoNUrQf2cm42i36Jk+7KGcosfyFMPQILZE34Geo
|
||||||
b8xJWSg0AFlJPCa3ZsA2SKbNqI0uNfJTnkXRm88Z2NHcgtlADbOLKauWfCrpgsCk
|
DAgCVpNWPgST4HYBUCHMC7S14LHLVdUXPsfGZPEqU5Zf9Hvy61rQC/RdNjnMI6JD
|
||||||
cZgo6yAYkOM148h/8wGla1eX+iE1R72NUABGydu8MSQKvc0emWJkGsC1/KqPlf/O
|
s57l9oHASNeEg55NQm01aOmwq/z1DXs3UP2nRmp6XCCfE61ghofO5dtV1j3cZ3f5
|
||||||
eOUsdwn1yDKHRxDHyA==
|
dzkzSBV7H6+/MD3Y8Q==</ds:X509Certificate>
|
||||||
</ds:X509Certificate>
|
|
||||||
</ds:X509Data>
|
</ds:X509Data>
|
||||||
</ds:KeyInfo>
|
</ds:KeyInfo>
|
||||||
</md:KeyDescriptor>
|
</md:KeyDescriptor>
|
||||||
|
|
|
@ -9,8 +9,8 @@ The `first_client.p12` and `second_client.p12` files were generated the same tim
|
||||||
following commands:
|
following commands:
|
||||||
|
|
||||||
```
|
```
|
||||||
bin/elasticsearch-certutil cert -days 18250 --ca elastic-stack-ca.p12 --ca-pass castorepass --name first_client --pass ""
|
bin/elasticsearch-certutil cert -days 18250 --ca $KIBANA_HOME/packages/kbn-dev-utils/certs/ca.p12 --ca-pass castorepass --name first_client --pass ""
|
||||||
bin/elasticsearch-certutil cert -days 18250 --ca elastic-stack-ca.p12 --ca-pass castorepass --name second_client --pass ""
|
bin/elasticsearch-certutil cert -days 18250 --ca $KIBANA_HOME/packages/kbn-dev-utils/certs/ca.p12 --ca-pass castorepass --name second_client --pass ""
|
||||||
```
|
```
|
||||||
|
|
||||||
If that CA is ever changed, these two files must be regenerated.
|
If that CA is ever changed, these two files must be regenerated.
|
||||||
|
|
Binary file not shown.
Binary file not shown.
|
@ -7,25 +7,24 @@
|
||||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
<ds:X509Data>
|
<ds:X509Data>
|
||||||
<!-- This certificate is extracted from KBN_CERT_PATH in @kbn/dev-utils and should always be in sync with it -->
|
<!-- This certificate is extracted from KBN_CERT_PATH in @kbn/dev-utils and should always be in sync with it -->
|
||||||
<ds:X509Certificate>MIIDOTCCAiGgAwIBAgIVANNWkg9lzNiLqNkMFhFKHcXyaZmqMA0GCSqGSIb3DQEB
|
<ds:X509Certificate>MIIDOTCCAiGgAwIBAgIVAN0GVNLw3IaUBuG7t6CeW8w2wyymMA0GCSqGSIb3DQEB
|
||||||
CwUAMDQxMjAwBgNVBAMTKUVsYXN0aWMgQ2VydGlmaWNhdGUgVG9vbCBBdXRvZ2Vu
|
CwUAMDQxMjAwBgNVBAMTKUVsYXN0aWMgQ2VydGlmaWNhdGUgVG9vbCBBdXRvZ2Vu
|
||||||
ZXJhdGVkIENBMCAXDTE5MTIyNzE3MDM0MloYDzIwNjkxMjE0MTcwMzQyWjARMQ8w
|
ZXJhdGVkIENBMCAXDTIxMTAxMzEwMTU1OFoYDzIwNzExMDAxMTAxNTU4WjARMQ8w
|
||||||
DQYDVQQDEwZraWJhbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQ
|
DQYDVQQDEwZraWJhbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3
|
||||||
wYYbQtbRBKJ4uNZc2+IgRU+7NNL21ZebQlEIMgK7jAqOMrsW2b5DATz41Fd+GQFU
|
nvfL3/26D8EkLso+t9S0m+tSJipLsBWs0dCpc8KRJ/+ijDRnAQ5lOmOAcxt43SNY
|
||||||
FUYYjwo+PQj6sJHshOJo/gNb32HrydvMI7YPvevkszkuEGCfXxQ3Dw2RTACLgD0Q
|
KFr0EntQEZyYaRwMIM8aPR0WYW/VV5o4fq2o/JnmHqzZJRJCwZq+5WiCiDPt012N
|
||||||
OCkwHvn3TMf0loloV/ePGWaZDYZaXi3a5DdWi/HFFoJysgF0JV2f6XyKhJkGaEfJ
|
mRGYCMUxjlEwejue6diLAeQhZ/sfN4jUp217bMEHrhHrNBWTwwJ+Uk5TBQMhviCW
|
||||||
s9pWX269zH/XQvGNx4BEimJpYB8h4JnDYPFIiQdqj+sl2b+kS1hH9kL5gBAMXjFU
|
LKbsKrfluA6DGHWrXN4pH7Xmaf/Zyc9AYL/nxwv3VQHZzIAK/U/WNCgFJJ3qoFYY
|
||||||
vcNnX+PmyTjyJrGo75k0ku+spBf1bMwuQt3uSmM+TQIXkvFDmS0DOVESrpA5EC1T
|
6TUwDDNa30mSj165OOds9N+VmUlDC3IFiHV3osBWscSU4HJd6QJ8huHrFLLV4y4i
|
||||||
BUGRz6o/I88Xx4Mud771AgMBAAGjYzBhMB0GA1UdDgQWBBQLB1Eo23M3Ss8MsFaz
|
u62el47Qr+/8Ut3SzeIXAgMBAAGjYzBhMB0GA1UdDgQWBBQli5f2bYL9jKUA5Uxp
|
||||||
V+Twcb3PmDAfBgNVHSMEGDAWgBQa7SYOe8NGcF00EbwPHA91YCsHSTAUBgNVHREE
|
yRRHeCoPJzAfBgNVHSMEGDAWgBQwTCrAjlvQxik3HBocn1PDUunenjAUBgNVHREE
|
||||||
DTALgglsb2NhbGhvc3QwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAnEl/
|
DTALgglsb2NhbGhvc3QwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEATFNj
|
||||||
z5IElIjvkK4AgMPrNcRlvIGDt2orEik7b6Jsq6/RiJQ7cSsYTZf7xbqyxNsUOTxv
|
WkTBPfgflGYZD4OsYvfT/rVjFKbJP/u1a0rkzNamA2QKNzI9JTOzONPTyRhe9yVS
|
||||||
+frj47MEN448H2nRvUxH29YR3XygV5aEwADSAhwaQWn0QfWTCZbJTmSoNEDtDOzX
|
zeO8X2rtN63l38dtgMjFQ15Xxnp7GFT7GkXfa1JR+tGSGTgVld8nLUzig+mNmBoR
|
||||||
TGDlAoCD9s9Xz9S1JpxY4H+WWRZrBSDM6SC1c6CzuEeZRuScNAjYD5mh2v6fOlSy
|
nE4cNc0JJ1PsXPzfPgJ6WMp2WOoNUrQf2cm42i36Jk+7KGcosfyFMPQILZE34Geo
|
||||||
b8xJWSg0AFlJPCa3ZsA2SKbNqI0uNfJTnkXRm88Z2NHcgtlADbOLKauWfCrpgsCk
|
DAgCVpNWPgST4HYBUCHMC7S14LHLVdUXPsfGZPEqU5Zf9Hvy61rQC/RdNjnMI6JD
|
||||||
cZgo6yAYkOM148h/8wGla1eX+iE1R72NUABGydu8MSQKvc0emWJkGsC1/KqPlf/O
|
s57l9oHASNeEg55NQm01aOmwq/z1DXs3UP2nRmp6XCCfE61ghofO5dtV1j3cZ3f5
|
||||||
eOUsdwn1yDKHRxDHyA==
|
dzkzSBV7H6+/MD3Y8Q==</ds:X509Certificate>
|
||||||
</ds:X509Certificate>
|
|
||||||
</ds:X509Data>
|
</ds:X509Data>
|
||||||
</ds:KeyInfo>
|
</ds:KeyInfo>
|
||||||
</md:KeyDescriptor>
|
</md:KeyDescriptor>
|
||||||
|
|
|
@ -7,25 +7,24 @@
|
||||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
<ds:X509Data>
|
<ds:X509Data>
|
||||||
<!-- This certificate is extracted from KBN_CERT_PATH in @kbn/dev-utils and should always be in sync with it -->
|
<!-- This certificate is extracted from KBN_CERT_PATH in @kbn/dev-utils and should always be in sync with it -->
|
||||||
<ds:X509Certificate>MIIDOTCCAiGgAwIBAgIVANNWkg9lzNiLqNkMFhFKHcXyaZmqMA0GCSqGSIb3DQEB
|
<ds:X509Certificate>MIIDOTCCAiGgAwIBAgIVAN0GVNLw3IaUBuG7t6CeW8w2wyymMA0GCSqGSIb3DQEB
|
||||||
CwUAMDQxMjAwBgNVBAMTKUVsYXN0aWMgQ2VydGlmaWNhdGUgVG9vbCBBdXRvZ2Vu
|
CwUAMDQxMjAwBgNVBAMTKUVsYXN0aWMgQ2VydGlmaWNhdGUgVG9vbCBBdXRvZ2Vu
|
||||||
ZXJhdGVkIENBMCAXDTE5MTIyNzE3MDM0MloYDzIwNjkxMjE0MTcwMzQyWjARMQ8w
|
ZXJhdGVkIENBMCAXDTIxMTAxMzEwMTU1OFoYDzIwNzExMDAxMTAxNTU4WjARMQ8w
|
||||||
DQYDVQQDEwZraWJhbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQ
|
DQYDVQQDEwZraWJhbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3
|
||||||
wYYbQtbRBKJ4uNZc2+IgRU+7NNL21ZebQlEIMgK7jAqOMrsW2b5DATz41Fd+GQFU
|
nvfL3/26D8EkLso+t9S0m+tSJipLsBWs0dCpc8KRJ/+ijDRnAQ5lOmOAcxt43SNY
|
||||||
FUYYjwo+PQj6sJHshOJo/gNb32HrydvMI7YPvevkszkuEGCfXxQ3Dw2RTACLgD0Q
|
KFr0EntQEZyYaRwMIM8aPR0WYW/VV5o4fq2o/JnmHqzZJRJCwZq+5WiCiDPt012N
|
||||||
OCkwHvn3TMf0loloV/ePGWaZDYZaXi3a5DdWi/HFFoJysgF0JV2f6XyKhJkGaEfJ
|
mRGYCMUxjlEwejue6diLAeQhZ/sfN4jUp217bMEHrhHrNBWTwwJ+Uk5TBQMhviCW
|
||||||
s9pWX269zH/XQvGNx4BEimJpYB8h4JnDYPFIiQdqj+sl2b+kS1hH9kL5gBAMXjFU
|
LKbsKrfluA6DGHWrXN4pH7Xmaf/Zyc9AYL/nxwv3VQHZzIAK/U/WNCgFJJ3qoFYY
|
||||||
vcNnX+PmyTjyJrGo75k0ku+spBf1bMwuQt3uSmM+TQIXkvFDmS0DOVESrpA5EC1T
|
6TUwDDNa30mSj165OOds9N+VmUlDC3IFiHV3osBWscSU4HJd6QJ8huHrFLLV4y4i
|
||||||
BUGRz6o/I88Xx4Mud771AgMBAAGjYzBhMB0GA1UdDgQWBBQLB1Eo23M3Ss8MsFaz
|
u62el47Qr+/8Ut3SzeIXAgMBAAGjYzBhMB0GA1UdDgQWBBQli5f2bYL9jKUA5Uxp
|
||||||
V+Twcb3PmDAfBgNVHSMEGDAWgBQa7SYOe8NGcF00EbwPHA91YCsHSTAUBgNVHREE
|
yRRHeCoPJzAfBgNVHSMEGDAWgBQwTCrAjlvQxik3HBocn1PDUunenjAUBgNVHREE
|
||||||
DTALgglsb2NhbGhvc3QwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAnEl/
|
DTALgglsb2NhbGhvc3QwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEATFNj
|
||||||
z5IElIjvkK4AgMPrNcRlvIGDt2orEik7b6Jsq6/RiJQ7cSsYTZf7xbqyxNsUOTxv
|
WkTBPfgflGYZD4OsYvfT/rVjFKbJP/u1a0rkzNamA2QKNzI9JTOzONPTyRhe9yVS
|
||||||
+frj47MEN448H2nRvUxH29YR3XygV5aEwADSAhwaQWn0QfWTCZbJTmSoNEDtDOzX
|
zeO8X2rtN63l38dtgMjFQ15Xxnp7GFT7GkXfa1JR+tGSGTgVld8nLUzig+mNmBoR
|
||||||
TGDlAoCD9s9Xz9S1JpxY4H+WWRZrBSDM6SC1c6CzuEeZRuScNAjYD5mh2v6fOlSy
|
nE4cNc0JJ1PsXPzfPgJ6WMp2WOoNUrQf2cm42i36Jk+7KGcosfyFMPQILZE34Geo
|
||||||
b8xJWSg0AFlJPCa3ZsA2SKbNqI0uNfJTnkXRm88Z2NHcgtlADbOLKauWfCrpgsCk
|
DAgCVpNWPgST4HYBUCHMC7S14LHLVdUXPsfGZPEqU5Zf9Hvy61rQC/RdNjnMI6JD
|
||||||
cZgo6yAYkOM148h/8wGla1eX+iE1R72NUABGydu8MSQKvc0emWJkGsC1/KqPlf/O
|
s57l9oHASNeEg55NQm01aOmwq/z1DXs3UP2nRmp6XCCfE61ghofO5dtV1j3cZ3f5
|
||||||
eOUsdwn1yDKHRxDHyA==
|
dzkzSBV7H6+/MD3Y8Q==</ds:X509Certificate>
|
||||||
</ds:X509Certificate>
|
|
||||||
</ds:X509Data>
|
</ds:X509Data>
|
||||||
</ds:KeyInfo>
|
</ds:KeyInfo>
|
||||||
</md:KeyDescriptor>
|
</md:KeyDescriptor>
|
||||||
|
|
|
@ -7,25 +7,24 @@
|
||||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
<ds:X509Data>
|
<ds:X509Data>
|
||||||
<!-- This certificate is extracted from KBN_CERT_PATH in @kbn/dev-utils and should always be in sync with it -->
|
<!-- This certificate is extracted from KBN_CERT_PATH in @kbn/dev-utils and should always be in sync with it -->
|
||||||
<ds:X509Certificate>MIIDOTCCAiGgAwIBAgIVANNWkg9lzNiLqNkMFhFKHcXyaZmqMA0GCSqGSIb3DQEB
|
<ds:X509Certificate>MIIDOTCCAiGgAwIBAgIVAN0GVNLw3IaUBuG7t6CeW8w2wyymMA0GCSqGSIb3DQEB
|
||||||
CwUAMDQxMjAwBgNVBAMTKUVsYXN0aWMgQ2VydGlmaWNhdGUgVG9vbCBBdXRvZ2Vu
|
CwUAMDQxMjAwBgNVBAMTKUVsYXN0aWMgQ2VydGlmaWNhdGUgVG9vbCBBdXRvZ2Vu
|
||||||
ZXJhdGVkIENBMCAXDTE5MTIyNzE3MDM0MloYDzIwNjkxMjE0MTcwMzQyWjARMQ8w
|
ZXJhdGVkIENBMCAXDTIxMTAxMzEwMTU1OFoYDzIwNzExMDAxMTAxNTU4WjARMQ8w
|
||||||
DQYDVQQDEwZraWJhbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQ
|
DQYDVQQDEwZraWJhbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3
|
||||||
wYYbQtbRBKJ4uNZc2+IgRU+7NNL21ZebQlEIMgK7jAqOMrsW2b5DATz41Fd+GQFU
|
nvfL3/26D8EkLso+t9S0m+tSJipLsBWs0dCpc8KRJ/+ijDRnAQ5lOmOAcxt43SNY
|
||||||
FUYYjwo+PQj6sJHshOJo/gNb32HrydvMI7YPvevkszkuEGCfXxQ3Dw2RTACLgD0Q
|
KFr0EntQEZyYaRwMIM8aPR0WYW/VV5o4fq2o/JnmHqzZJRJCwZq+5WiCiDPt012N
|
||||||
OCkwHvn3TMf0loloV/ePGWaZDYZaXi3a5DdWi/HFFoJysgF0JV2f6XyKhJkGaEfJ
|
mRGYCMUxjlEwejue6diLAeQhZ/sfN4jUp217bMEHrhHrNBWTwwJ+Uk5TBQMhviCW
|
||||||
s9pWX269zH/XQvGNx4BEimJpYB8h4JnDYPFIiQdqj+sl2b+kS1hH9kL5gBAMXjFU
|
LKbsKrfluA6DGHWrXN4pH7Xmaf/Zyc9AYL/nxwv3VQHZzIAK/U/WNCgFJJ3qoFYY
|
||||||
vcNnX+PmyTjyJrGo75k0ku+spBf1bMwuQt3uSmM+TQIXkvFDmS0DOVESrpA5EC1T
|
6TUwDDNa30mSj165OOds9N+VmUlDC3IFiHV3osBWscSU4HJd6QJ8huHrFLLV4y4i
|
||||||
BUGRz6o/I88Xx4Mud771AgMBAAGjYzBhMB0GA1UdDgQWBBQLB1Eo23M3Ss8MsFaz
|
u62el47Qr+/8Ut3SzeIXAgMBAAGjYzBhMB0GA1UdDgQWBBQli5f2bYL9jKUA5Uxp
|
||||||
V+Twcb3PmDAfBgNVHSMEGDAWgBQa7SYOe8NGcF00EbwPHA91YCsHSTAUBgNVHREE
|
yRRHeCoPJzAfBgNVHSMEGDAWgBQwTCrAjlvQxik3HBocn1PDUunenjAUBgNVHREE
|
||||||
DTALgglsb2NhbGhvc3QwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAnEl/
|
DTALgglsb2NhbGhvc3QwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEATFNj
|
||||||
z5IElIjvkK4AgMPrNcRlvIGDt2orEik7b6Jsq6/RiJQ7cSsYTZf7xbqyxNsUOTxv
|
WkTBPfgflGYZD4OsYvfT/rVjFKbJP/u1a0rkzNamA2QKNzI9JTOzONPTyRhe9yVS
|
||||||
+frj47MEN448H2nRvUxH29YR3XygV5aEwADSAhwaQWn0QfWTCZbJTmSoNEDtDOzX
|
zeO8X2rtN63l38dtgMjFQ15Xxnp7GFT7GkXfa1JR+tGSGTgVld8nLUzig+mNmBoR
|
||||||
TGDlAoCD9s9Xz9S1JpxY4H+WWRZrBSDM6SC1c6CzuEeZRuScNAjYD5mh2v6fOlSy
|
nE4cNc0JJ1PsXPzfPgJ6WMp2WOoNUrQf2cm42i36Jk+7KGcosfyFMPQILZE34Geo
|
||||||
b8xJWSg0AFlJPCa3ZsA2SKbNqI0uNfJTnkXRm88Z2NHcgtlADbOLKauWfCrpgsCk
|
DAgCVpNWPgST4HYBUCHMC7S14LHLVdUXPsfGZPEqU5Zf9Hvy61rQC/RdNjnMI6JD
|
||||||
cZgo6yAYkOM148h/8wGla1eX+iE1R72NUABGydu8MSQKvc0emWJkGsC1/KqPlf/O
|
s57l9oHASNeEg55NQm01aOmwq/z1DXs3UP2nRmp6XCCfE61ghofO5dtV1j3cZ3f5
|
||||||
eOUsdwn1yDKHRxDHyA==
|
dzkzSBV7H6+/MD3Y8Q==</ds:X509Certificate>
|
||||||
</ds:X509Certificate>
|
|
||||||
</ds:X509Data>
|
</ds:X509Data>
|
||||||
</ds:KeyInfo>
|
</ds:KeyInfo>
|
||||||
</md:KeyDescriptor>
|
</md:KeyDescriptor>
|
||||||
|
|
|
@ -7,25 +7,24 @@
|
||||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||||
<ds:X509Data>
|
<ds:X509Data>
|
||||||
<!-- This certificate is extracted from KBN_CERT_PATH in @kbn/dev-utils and should always be in sync with it -->
|
<!-- This certificate is extracted from KBN_CERT_PATH in @kbn/dev-utils and should always be in sync with it -->
|
||||||
<ds:X509Certificate>MIIDOTCCAiGgAwIBAgIVANNWkg9lzNiLqNkMFhFKHcXyaZmqMA0GCSqGSIb3DQEB
|
<ds:X509Certificate>MIIDOTCCAiGgAwIBAgIVAN0GVNLw3IaUBuG7t6CeW8w2wyymMA0GCSqGSIb3DQEB
|
||||||
CwUAMDQxMjAwBgNVBAMTKUVsYXN0aWMgQ2VydGlmaWNhdGUgVG9vbCBBdXRvZ2Vu
|
CwUAMDQxMjAwBgNVBAMTKUVsYXN0aWMgQ2VydGlmaWNhdGUgVG9vbCBBdXRvZ2Vu
|
||||||
ZXJhdGVkIENBMCAXDTE5MTIyNzE3MDM0MloYDzIwNjkxMjE0MTcwMzQyWjARMQ8w
|
ZXJhdGVkIENBMCAXDTIxMTAxMzEwMTU1OFoYDzIwNzExMDAxMTAxNTU4WjARMQ8w
|
||||||
DQYDVQQDEwZraWJhbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQ
|
DQYDVQQDEwZraWJhbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3
|
||||||
wYYbQtbRBKJ4uNZc2+IgRU+7NNL21ZebQlEIMgK7jAqOMrsW2b5DATz41Fd+GQFU
|
nvfL3/26D8EkLso+t9S0m+tSJipLsBWs0dCpc8KRJ/+ijDRnAQ5lOmOAcxt43SNY
|
||||||
FUYYjwo+PQj6sJHshOJo/gNb32HrydvMI7YPvevkszkuEGCfXxQ3Dw2RTACLgD0Q
|
KFr0EntQEZyYaRwMIM8aPR0WYW/VV5o4fq2o/JnmHqzZJRJCwZq+5WiCiDPt012N
|
||||||
OCkwHvn3TMf0loloV/ePGWaZDYZaXi3a5DdWi/HFFoJysgF0JV2f6XyKhJkGaEfJ
|
mRGYCMUxjlEwejue6diLAeQhZ/sfN4jUp217bMEHrhHrNBWTwwJ+Uk5TBQMhviCW
|
||||||
s9pWX269zH/XQvGNx4BEimJpYB8h4JnDYPFIiQdqj+sl2b+kS1hH9kL5gBAMXjFU
|
LKbsKrfluA6DGHWrXN4pH7Xmaf/Zyc9AYL/nxwv3VQHZzIAK/U/WNCgFJJ3qoFYY
|
||||||
vcNnX+PmyTjyJrGo75k0ku+spBf1bMwuQt3uSmM+TQIXkvFDmS0DOVESrpA5EC1T
|
6TUwDDNa30mSj165OOds9N+VmUlDC3IFiHV3osBWscSU4HJd6QJ8huHrFLLV4y4i
|
||||||
BUGRz6o/I88Xx4Mud771AgMBAAGjYzBhMB0GA1UdDgQWBBQLB1Eo23M3Ss8MsFaz
|
u62el47Qr+/8Ut3SzeIXAgMBAAGjYzBhMB0GA1UdDgQWBBQli5f2bYL9jKUA5Uxp
|
||||||
V+Twcb3PmDAfBgNVHSMEGDAWgBQa7SYOe8NGcF00EbwPHA91YCsHSTAUBgNVHREE
|
yRRHeCoPJzAfBgNVHSMEGDAWgBQwTCrAjlvQxik3HBocn1PDUunenjAUBgNVHREE
|
||||||
DTALgglsb2NhbGhvc3QwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAnEl/
|
DTALgglsb2NhbGhvc3QwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEATFNj
|
||||||
z5IElIjvkK4AgMPrNcRlvIGDt2orEik7b6Jsq6/RiJQ7cSsYTZf7xbqyxNsUOTxv
|
WkTBPfgflGYZD4OsYvfT/rVjFKbJP/u1a0rkzNamA2QKNzI9JTOzONPTyRhe9yVS
|
||||||
+frj47MEN448H2nRvUxH29YR3XygV5aEwADSAhwaQWn0QfWTCZbJTmSoNEDtDOzX
|
zeO8X2rtN63l38dtgMjFQ15Xxnp7GFT7GkXfa1JR+tGSGTgVld8nLUzig+mNmBoR
|
||||||
TGDlAoCD9s9Xz9S1JpxY4H+WWRZrBSDM6SC1c6CzuEeZRuScNAjYD5mh2v6fOlSy
|
nE4cNc0JJ1PsXPzfPgJ6WMp2WOoNUrQf2cm42i36Jk+7KGcosfyFMPQILZE34Geo
|
||||||
b8xJWSg0AFlJPCa3ZsA2SKbNqI0uNfJTnkXRm88Z2NHcgtlADbOLKauWfCrpgsCk
|
DAgCVpNWPgST4HYBUCHMC7S14LHLVdUXPsfGZPEqU5Zf9Hvy61rQC/RdNjnMI6JD
|
||||||
cZgo6yAYkOM148h/8wGla1eX+iE1R72NUABGydu8MSQKvc0emWJkGsC1/KqPlf/O
|
s57l9oHASNeEg55NQm01aOmwq/z1DXs3UP2nRmp6XCCfE61ghofO5dtV1j3cZ3f5
|
||||||
eOUsdwn1yDKHRxDHyA==
|
dzkzSBV7H6+/MD3Y8Q==</ds:X509Certificate>
|
||||||
</ds:X509Certificate>
|
|
||||||
</ds:X509Data>
|
</ds:X509Data>
|
||||||
</ds:KeyInfo>
|
</ds:KeyInfo>
|
||||||
</md:KeyDescriptor>
|
</md:KeyDescriptor>
|
||||||
|
|
Loading…
Reference in a new issue