From 0bd14bd06efd33196564c8817d24d68b48474659 Mon Sep 17 00:00:00 2001 From: Kawika Avilla Date: Thu, 31 Mar 2022 23:10:20 -0700 Subject: [PATCH] [Branding] allow for SSL setup failures (#1414) Setup HTTP Agent in the render portion when it did not need to be it just needed a one time setup for the life time of the server. Also if this fails to read the keys then it would fail. But it's only used for custom branding. We shouldn't failed for custom branding just rely on default branding. Issue Resolved: https://discuss.opendistrocommunity.dev/t/is-opensearch-dashboard-server-certificate-and-key-required-to-be-reloaded-everytime-when-gui-is-accessed/9069/13 Signed-off-by: Kawika Avilla --- src/core/server/rendering/rendering_service.tsx | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/src/core/server/rendering/rendering_service.tsx b/src/core/server/rendering/rendering_service.tsx index 70d809778f09..28d2b38869fc 100644 --- a/src/core/server/rendering/rendering_service.tsx +++ b/src/core/server/rendering/rendering_service.tsx @@ -73,6 +73,8 @@ export class RenderingService { this.coreContext.configService.atPath('server').pipe(first()).toPromise(), ]); + this.setupHttpAgent(serverConfig as HttpConfigType); + return { render: async ( request, @@ -94,8 +96,6 @@ export class RenderingService { ? Boolean(settings.user['theme:darkMode'].userValue) : false; - this.setupHttpAgent(serverConfig as HttpConfigType); - const brandingAssignment = await this.assignBrandingConfig( darkMode, opensearchDashboardsConfig as OpenSearchDashboardsConfigType @@ -167,7 +167,8 @@ export class RenderingService { * @param {Readonly} httpConfig */ private setupHttpAgent(httpConfig: Readonly) { - if (httpConfig.ssl?.enabled) { + if (!httpConfig.ssl?.enabled) return; + try { const sslConfig = new SslConfig(httpConfig.ssl); this.httpsAgent = new HttpsAgent({ ca: sslConfig.certificateAuthorities, @@ -176,6 +177,8 @@ export class RenderingService { passphrase: sslConfig.keyPassphrase, rejectUnauthorized: false, }); + } catch (e) { + this.logger.get('branding').error('HTTP agent failed to setup for SSL.'); } }