honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[DOCS] Fix typo and add [float]

This commit is contained in:
Ioannis Kakavas 2018-10-05 10:07:50 +03:00
parent 63dbd1dce0
commit f420eebc73
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
docs/reference/settings/security-settings.asciidoc
View File

@ -1371,6 +1371,7 @@ a PKCS#12 container includes trusted certificate ("anchor") entries look for
`openssl pkcs12 -info` output, or `trustedCertEntry` in the `openssl pkcs12 -info` output, or `trustedCertEntry` in the
`keytool -list` output. `keytool -list` output.
[float]
===== PKCS#11 tokens ===== PKCS#11 tokens
When using a PKCS#11 cryptographic token, which contains the When using a PKCS#11 cryptographic token, which contains the
@ -1391,7 +1392,7 @@ a keystore or a truststore for Elasticsearch, the PIN for the token can be
configured by setting the appropriate value to `xpack.ssl.truststore.password` configured by setting the appropriate value to `xpack.ssl.truststore.password`
or `xpack.ssl.truststore.secure_password`. In the absence of the above, {es} will or `xpack.ssl.truststore.secure_password`. In the absence of the above, {es} will
fallback to use he appropriate JVM setting (`-Djavax.net.ssl.trustStorePassword`) fallback to use he appropriate JVM setting (`-Djavax.net.ssl.trustStorePassword`)
if that s set. if that is set.
Since there can only be one PKCS#11 token configured, only one keystore and Since there can only be one PKCS#11 token configured, only one keystore and
truststore will be usable for configuration in {es}. This in turn means truststore will be usable for configuration in {es}. This in turn means
that only one certificate can be used for TLS both in the transport and the that only one certificate can be used for TLS both in the transport and the