Skip to content

Commit

Permalink
[Branding] allow for SSL setup failures (opensearch-project#1414)
Browse files Browse the repository at this point in the history
Setup HTTP Agent in the render portion when it did not need to be
it just needed a one time setup for the life time of the server.

Also if this fails to read the keys then it would fail. But it's
only used for custom branding. We shouldn't failed for custom branding
just rely on default branding.

Issue Resolved:
https://discuss.opendistrocommunity.dev/t/is-opensearch-dashboard-server-certificate-and-key-required-to-be-reloaded-everytime-when-gui-is-accessed/9069/13

Signed-off-by: Kawika Avilla <[email protected]>
  • Loading branch information
kavilla authored Apr 1, 2022
1 parent 6ec2182 commit 0bd14bd
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions src/core/server/rendering/rendering_service.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,8 @@ export class RenderingService {
this.coreContext.configService.atPath<HttpConfigType>('server').pipe(first()).toPromise(),
]);

this.setupHttpAgent(serverConfig as HttpConfigType);

return {
render: async (
request,
Expand All @@ -94,8 +96,6 @@ export class RenderingService {
? Boolean(settings.user['theme:darkMode'].userValue)
: false;

this.setupHttpAgent(serverConfig as HttpConfigType);

const brandingAssignment = await this.assignBrandingConfig(
darkMode,
opensearchDashboardsConfig as OpenSearchDashboardsConfigType
Expand Down Expand Up @@ -167,7 +167,8 @@ export class RenderingService {
* @param {Readonly<HttpConfigType>} httpConfig
*/
private setupHttpAgent(httpConfig: Readonly<HttpConfigType>) {
if (httpConfig.ssl?.enabled) {
if (!httpConfig.ssl?.enabled) return;
try {
const sslConfig = new SslConfig(httpConfig.ssl);
this.httpsAgent = new HttpsAgent({
ca: sslConfig.certificateAuthorities,
Expand All @@ -176,6 +177,8 @@ export class RenderingService {
passphrase: sslConfig.keyPassphrase,
rejectUnauthorized: false,
});
} catch (e) {
this.logger.get('branding').error('HTTP agent failed to setup for SSL.');
}
}

Expand Down

0 comments on commit 0bd14bd

Please sign in to comment.