OpenSearch

History

Tim Vernum e6f530c167 Improved diagnostics for TLS trust failures (#49669 ) - Improves HTTP client hostname verification failure messages - Adds "DiagnosticTrustManager" which logs certificate information when trust cannot be established (hostname failure, CA path failure, etc) These diagnostic messages are designed so that many common TLS problems can be diagnosed based solely (or primarily) on the elasticsearch logs. These diagnostics can be disabled by setting xpack.security.ssl.diagnose.trust: false Backport of: #48911	2019-11-29 15:01:20 +11:00
..
main/java/org/elasticsearch/common/ssl	Improved diagnostics for TLS trust failures (#49669 )	2019-11-29 15:01:20 +11:00
test	Improved diagnostics for TLS trust failures (#49669 )	2019-11-29 15:01:20 +11:00

Improved diagnostics for TLS trust failures (#49669 )

- Improves HTTP client hostname verification failure messages
- Adds "DiagnosticTrustManager" which logs certificate information
  when trust cannot be established (hostname failure, CA path failure,
  etc)

These diagnostic messages are designed so that many common TLS
problems can be diagnosed based solely (or primarily) on the
elasticsearch logs.

These diagnostics can be disabled by setting

     xpack.security.ssl.diagnose.trust: false

Backport of: #48911

2019-11-29 15:01:20 +11:00

main/java/org/elasticsearch/common/ssl

Improved diagnostics for TLS trust failures (#49669 )

2019-11-29 15:01:20 +11:00

test

Improved diagnostics for TLS trust failures (#49669 )

2019-11-29 15:01:20 +11:00