maxmustermann/kibana
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Merge pull request #5246 from spalger/implement/multipleCas

Browse source 
[elasticsearch] allow defining multiple ca certs
This commit is contained in:
Spencer 2015-10-30 17:05:25 -05:00
parent 4f78811c40 682354f9e4
commit 89ae862af8
3 changed files with 9 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/plugins/elasticsearch/index.js
View file

@ -19,7 +19,7 @@ module.exports = function (kibana) {
startupTimeout: Joi.number().default(5000),
ssl: Joi.object({
verify: Joi.boolean().default(true),
ca: Joi.string(),
ca: Joi.array().single().items(Joi.string()),
cert: Joi.string(),
key: Joi.string()
}).default(),

8
src/plugins/elasticsearch/lib/create_agent.js
View file

@ -1,6 +1,6 @@
var url = require('url');
var _ = require('lodash');
var readFile = _.partialRight(require('fs').readFileSync, 'utf8');
var readFile = (file) => require('fs').readFileSync(file, 'utf8');
var http = require('http');
var https = require('https');
@ -14,8 +14,8 @@ module.exports = _.memoize(function (server) {
rejectUnauthorized: config.get('elasticsearch.ssl.verify')
};
if (config.get('elasticsearch.ssl.ca')) {
agentOptions.ca = [readFile(config.get('elasticsearch.ssl.ca'))];
if (_.size(config.get('elasticsearch.ssl.ca'))) {
agentOptions.ca = config.get('elasticsearch.ssl.ca').map(readFile);
}
// Add client certificate and key if required by elasticsearch
@ -29,4 +29,4 @@ module.exports = _.memoize(function (server) {
// See https://lodash.com/docs#memoize: We use a Map() instead of the default, because we want the keys in the cache
// to be the server objects, and by default these would be coerced to strings as keys (which wouldn't be useful)
module.exports.cache = new Map();
module.exports.cache = new Map();

8
src/plugins/elasticsearch/lib/expose_client.js
View file

@ -1,6 +1,6 @@
var elasticsearch = require('elasticsearch');
var _ = require('lodash');
var fs = require('fs');
var readFile = (file) => require('fs').readFileSync(file, 'utf8');
var util = require('util');
var url = require('url');
var callWithRequest = require('./call_with_request');
@ -31,11 +31,11 @@ module.exports = function (server) {
var ssl = { rejectUnauthorized: options.verifySsl };
if (options.clientCrt && options.clientKey) {
ssl.cert = fs.readFileSync(options.clientCrt, 'utf8');
ssl.key = fs.readFileSync(options.clientKey, 'utf8');
ssl.cert = readFile(options.clientCrt);
ssl.key = readFile(options.clientKey);
}
if (options.ca) {
ssl.ca = fs.readFileSync(options.ca, 'utf8');
ssl.ca = options.ca.map(readFile);
}
return new elasticsearch.Client({