Skip to content

Commit

Permalink
[DOCS] Set explicit anchors for TLS/SSL settings (#42524)
Browse files Browse the repository at this point in the history
  • Loading branch information
jrodewig committed May 29, 2019
1 parent adca6a8 commit 7d2ff99
Show file tree
Hide file tree
Showing 4 changed files with 22 additions and 1 deletion.
1 change: 1 addition & 0 deletions docs/reference/settings/monitoring-settings.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -285,5 +285,6 @@ For example: `["elasticsearch_version_mismatch","xpack_license_expiration"]`.
:component: {monitoring}
:verifies:
:server!:
:ssl-context: monitoring

include::ssl-settings.asciidoc[]
1 change: 1 addition & 0 deletions docs/reference/settings/notification-settings.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,7 @@ Specifies the maximum size an HTTP response is allowed to have, defaults to
:component: {watcher}
:verifies:
:server!:
:ssl-context: watcher

include::ssl-settings.asciidoc[]

Expand Down
2 changes: 2 additions & 0 deletions docs/reference/settings/security-settings.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -1465,6 +1465,7 @@ http layer.
:client-auth-default: none
:verifies!:
:server:
:ssl-context: security-http

include::ssl-settings.asciidoc[]

Expand All @@ -1474,6 +1475,7 @@ include::ssl-settings.asciidoc[]
:client-auth-default!:
:verifies:
:server:
:ssl-context: security-transport

include::ssl-settings.asciidoc[]

Expand Down
19 changes: 18 additions & 1 deletion docs/reference/settings/ssl-settings.asciidoc
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@

==== {component} TLS/SSL Settings
ifeval::["{component}"=="Auditing"]
ifdef::asciidoctor[]
Expand Down Expand Up @@ -52,7 +51,13 @@ Supported cipher suites can be found in Oracle's http://docs.oracle.com/javase/8
Java Cryptography Architecture documentation]. Defaults to the value of
`xpack.ssl.cipher_suites`.

ifdef::asciidoctor[]
[#{ssl-context}-tls-ssl-key-trusted-certificate-settings]
===== {component} TLS/SSL Key and Trusted Certificate Settings
endif::[]
ifndef::asciidoctor[]
===== anchor:{ssl-context}-tls-ssl-key-trusted-certificate-settings[] {component} TLS/SSL Key and Trusted Certificate Settings
endif::[]

The following settings are used to specify a private key, certificate, and the
trusted certificates that should be used when communicating over an SSL/TLS connection.
Expand Down Expand Up @@ -118,7 +123,13 @@ Password to the truststore.
+{ssl-prefix}.ssl.truststore.secure_password+ (<<secure-settings,Secure>>)::
Password to the truststore.

ifdef::asciidoctor[]
[#{ssl-context}-pkcs12-files]
===== PKCS#12 Files
endif::[]
ifndef::asciidoctor[]
===== anchor:{ssl-context}-pkcs12-files[] PKCS#12 Files
endif::[]

{es} can be configured to use PKCS#12 container files (`.p12` or `.pfx` files)
that contain the private key, certificate and certificates that should be trusted.
Expand Down Expand Up @@ -156,7 +167,13 @@ Password to the PKCS#12 file.
+{ssl-prefix}.ssl.truststore.secure_password+ (<<secure-settings,Secure>>)::
Password to the PKCS#12 file.

ifdef::asciidoctor[]
[#{ssl-context}-pkcs11-tokens]
===== PKCS#11 Tokens
endif::[]
ifndef::asciidoctor[]
===== anchor:{ssl-context}-pkcs11-tokens[] PKCS#11 Tokens
endif::[]

{es} can be configured to use a PKCS#11 token that contains the private key,
certificate and certificates that should be trusted.
Expand Down

0 comments on commit 7d2ff99

Please sign in to comment.