Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[7.14] [DOCS] Clarify where to complete security steps #76120

Merged
merged 3 commits into from
Aug 12, 2021
Merged

[7.14] [DOCS] Clarify where to complete security steps #76120

merged 3 commits into from
Aug 12, 2021

Conversation

lockewritesdocs
Copy link
Contributor

@lockewritesdocs lockewritesdocs commented Aug 4, 2021
edited
Loading

Updates our documentation for Configuring security to indicate which steps need to be taken on every node, and which steps can be performed once on any single node.

Preview link: https://elasticsearch_76120.docs-preview.app.elstc.co/guide/en/elasticsearch/reference/master/configuring-stack-security.html

Closes #76055

@lockewritesdocs lockewritesdocs added >docs General docs changes :Security/TLS SSL/TLS, Certificates v8.0.0 auto-backport Automatically create backport pull requests when merged v7.14.1 v7.15.0 v7.13.4 labels Aug 4, 2021
@lockewritesdocs lockewritesdocs requested a review from tvernum August 4, 2021 18:48
@lockewritesdocs lockewritesdocs self-assigned this Aug 4, 2021
@elasticmachine elasticmachine added the Team:Security Meta label for security team label Aug 4, 2021
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security (Team:Security)

@elasticmachine elasticmachine added the Team:Docs Meta label for docs team label Aug 4, 2021
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-docs (Team:Docs)

ywangd
ywangd reviewed Aug 5, 2021
View reviewed changes
x-pack/docs/en/security/securing-communications/security-basic-setup-https.asciidoc Outdated
+
[source,yaml]
----
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: http.p12
xpack.security.http.ssl.keystore.path: config/http.p12
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The config/ part is not needed. Configuration files are resolved relative to the config directory.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @ywangd -- I'll remove config/ from the path.

tvernum
tvernum approved these changes Aug 9, 2021
View reviewed changes
x-pack/docs/en/security/securing-communications/security-basic-setup-https.asciidoc Outdated
@@ -486,8 +488,8 @@ separate monitoring cluster prevents production cluster outages from impacting
your ability to access your monitoring data. It also prevents monitoring
activities from impacting the performance of your production cluster.

. From the directory where you installed Elasticsearch, navigate to the
`/kibana` directory that you created when <<encrypt-http-communication,encrypting HTTP client communications for {es}>>.
. On any single node, navigate to the `/kibana` directory that you created when
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this be On the node on which you generated the HTTP certificates ? (or neater wording to that effect)

I don't think we would assume that they copied the kibana directory to every node (though they might have)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good eye @tvernum 👀

I'll change this to read:

. On the node where you <<encrypt-http-communication,generated certificates for the HTTP layer>>, navigate to the /kibana directory.

@lockewritesdocs
Copy link
Contributor Author

@elasticmachine run elasticsearch-ci/docs

@lockewritesdocs lockewritesdocs merged commit f1e1492 into elastic:master Aug 12, 2021
@lockewritesdocs lockewritesdocs deleted the docs__security-clarify-which-nodes branch August 12, 2021 12:11
This was referenced Aug 12, 2021
Merged
Merged
lockewritesdocs pushed a commit to lockewritesdocs/elasticsearch that referenced this pull request Aug 12, 2021
[DOCS] Clarify where to complete security steps (elastic#76120)
1918695 
* [DOCS] Clarify where to complete security steps

* Remove config/ from HTTP keystore path

* Clarify the node where generating certs for the HTTP layer
@lockewritesdocs lockewritesdocs mentioned this pull request Aug 12, 2021
Merged
@elasticsearchmachine
Copy link
Collaborator

💚 Backport successful

Status Branch Result
7.14
7.x
7.13

lockewritesdocs pushed a commit to lockewritesdocs/elasticsearch that referenced this pull request Aug 12, 2021
[DOCS] Clarify where to complete security steps (elastic#76120)
600f0ba 
* [DOCS] Clarify where to complete security steps

* Remove config/ from HTTP keystore path

* Clarify the node where generating certs for the HTTP layer
lockewritesdocs pushed a commit that referenced this pull request Aug 12, 2021
[DOCS] Clarify where to complete security steps (#76120) (#76411)
525811f 
* [DOCS] Clarify where to complete security steps

* Remove config/ from HTTP keystore path

* Clarify the node where generating certs for the HTTP layer
lockewritesdocs pushed a commit that referenced this pull request Aug 12, 2021
[DOCS] Clarify where to complete security steps (#76120) (#76409)
cb1739a 
* [DOCS] Clarify where to complete security steps

* Remove config/ from HTTP keystore path

* Clarify the node where generating certs for the HTTP layer
lockewritesdocs pushed a commit that referenced this pull request Aug 12, 2021
[DOCS] Clarify where to complete security steps (#76120) (#76410)
edbde78 
* [DOCS] Clarify where to complete security steps

* Remove config/ from HTTP keystore path

* Clarify the node where generating certs for the HTTP layer
@lockewritesdocs lockewritesdocs changed the title [DOCS] Clarify where to complete security steps [7.14] [DOCS] Clarify where to complete security steps Aug 12, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ywangd ywangd ywangd left review comments

@tvernum tvernum tvernum approved these changes

Assignees

@lockewritesdocs lockewritesdocs

Labels
auto-backport Automatically create backport pull requests when merged >docs General docs changes :Security/TLS SSL/TLS, Certificates Team:Docs Meta label for docs team Team:Security Meta label for security team v7.13.4 v7.14.1 v7.15.0 v8.0.0-alpha2
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Docs] Setting up security - clarify which steps need to be performed on every node
6 participants
@lockewritesdocs @elasticmachine @elasticsearchmachine @tvernum @ywangd @jakelandis