Skip to content

Commit

Permalink
[DOCS] Deprecate SSL settings (#29990)
Browse files Browse the repository at this point in the history
  • Loading branch information
@lcawl
lcawl committed Feb 4, 2019
1 parent 44c884a commit 61a0d11
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions docs/setup/settings.asciidoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,11 +43,19 @@ Elasticsearch. This value must be a positive integer.
certificate and key files. These files are used to verify the identity of Kibana to Elasticsearch and are required when
`xpack.ssl.verification_mode` in Elasticsearch is set to either `certificate` or `full`.

`elasticsearch.ssl.ca:`:: Optional setting that enables you to specify a path to
the PEM file for the certificate authority for your Elasticsearch instance.
deprecated[5.3.0,Replaced by `elasticsearch.ssl.certificateAuthorities`]

`elasticsearch.ssl.certificateAuthorities:`:: Optional setting that enables you to specify a list of paths to the PEM file for the certificate
authority for your Elasticsearch instance.

`elasticsearch.ssl.keyPassphrase:`:: The passphrase that will be used to decrypt the private key. This value is optional as the key may not be encrypted.

`elasticsearch.ssl.verify:`:: *Default: true* To disregard the validity of SSL
certificates, change this setting’s value to `false`.
deprecated[5.3.0,Replaced by `elasticsearch.ssl.verificationMode`]

`elasticsearch.ssl.verificationMode:`:: *Default: full* Controls the verification of certificates presented by Elasticsearch. Valid values are `none`, `certificate`, and `full`.
`full` performs hostname verification, and `certificate` does not.

Expand Down Expand Up @@ -169,6 +177,10 @@ By turning this off, only the layers that are configured here will be included.

`server.ssl.enabled:`:: *Default: "false"* Enables SSL for outgoing requests from the Kibana server to the browser. When set to `true`, `server.ssl.certificate` and `server.ssl.key` are required

`server.ssl.cert:`:: Path to the PEM-format SSL certificate. This file enables
SSL for outgoing requests from the Kibana server to the browser.
deprecated[5.3.0,Replaced by `server.ssl.certificate`]

`server.ssl.certificate:` and `server.ssl.key:`:: Paths to the PEM-format SSL certificate and SSL key files, respectively.

`server.ssl.certificateAuthorities:`:: List of paths to PEM encoded certificate files that should be trusted.
Expand Down

0 comments on commit 61a0d11

Please sign in to comment.