4f3548fbd7
This commit sets `xpack.security.ssl.diagnose.trust` to false in all of our tests when running in FIPS 140 mode and when settings objects are used to create an instance of the SSLService. This is needed in 7.x because setting xpack.security.ssl.diagnose.trust to true wraps SunJSSE TrustManager with our own DiagnosticTrustManager and this is not allowed when SunJSSE is in FIPS mode. An alternative would be to set xpack.security.fips.enabled to true which would also implicitly disable xpack.security.ssl.diagnose.trust but would have additional effects (would require that we set PBKDF2 for password hashing algorithm in all test clusters, would prohibit using JKS keystores in nodes even if relevant tests have been muted in FIPS mode etc.) Relates: #49900 Resolves: #51268 |
||
---|---|---|
.. | ||
cli | ||
forbidden | ||
licenses | ||
qa | ||
src | ||
build.gradle |