honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
OpenSearch/x-pack/docs/en/rest-api/security
History
Ioannis Kakavas 2c82b80b85
Support PKCS#11 tokens as keystores and truststores (#34063) 
This enables Elasticsearch to use the JVM-wide configured
PKCS#11 token as a keystore or a truststore for its TLS configuration.
The JVM is assumed to be configured accordingly with the appropriate
Security Provider implementation that supports PKCS#11 tokens.
For the PKCS#11 token to be used as a keystore or a truststore for an
SSLConfiguration, the .keystore.type or .truststore.type must be
explicitly set to pkcs11 in the configuration.
The fact that the PKCS#11 token configuration is JVM wide implies that
there is only one available keystore and truststore that can be used by TLS
configurations in Elasticsearch.
The PIN for the PKCS#11 token can be set as a truststore parameter in
Elasticsearch or as a JVM parameter ( -Djavax.net.ssl.trustStorePassword).

The basic goal of enabling PKCS#11 token support is to allow PKCS#11-NSS in
FIPS mode to be used as a FIPS 140-2 enabled Security Provider.
 		2018-10-04 10:51:58 +03:00
..
authenticate.asciidoc [DOCS] Adds testing for security APIs (#31345) 2018-06-18 08:48:23 -07:00
change-password.asciidoc [DOCS] Splits the users API documentation into multiple pages (#32825) 2018-08-17 23:17:33 -07:00
clear-cache.asciidoc Migrate x-pack-elasticsearch source to elasticsearch 2018-04-20 15:29:54 -07:00
clear-roles-cache.asciidoc [DOCS] Splits the roles API documentation into multiple pages (#32794) 2018-08-17 09:18:08 -07:00
create-role-mappings.asciidoc [DOCS] Add docs for Application Privileges (#32635) 2018-08-23 18:04:02 -07:00
create-roles.asciidoc [DOCS] Add docs for Application Privileges (#32635) 2018-08-23 18:04:02 -07:00
create-users.asciidoc Security: remove wrapping in put user response (#33512) 2018-09-13 14:40:36 -06:00
delete-app-privileges.asciidoc [DOCS] Add docs for Application Privileges (#32635) 2018-08-23 18:04:02 -07:00
delete-role-mappings.asciidoc [DOC] Splits role mapping APIs into separate pages (#32797) 2018-08-20 14:30:42 -07:00
delete-roles.asciidoc [DOCS] Splits the roles API documentation into multiple pages (#32794) 2018-08-17 09:18:08 -07:00
delete-tokens.asciidoc [DOCS] Splits the token APIs into separate pages (#32865) 2018-08-17 22:22:09 -07:00
delete-users.asciidoc [DOCS] Splits the users API documentation into multiple pages (#32825) 2018-08-17 23:17:33 -07:00
disable-users.asciidoc [DOCS] Splits the users API documentation into multiple pages (#32825) 2018-08-17 23:17:33 -07:00
enable-users.asciidoc [DOCS] Splits the users API documentation into multiple pages (#32825) 2018-08-17 23:17:33 -07:00
get-app-privileges.asciidoc [DOCS] Add docs for Application Privileges (#32635) 2018-08-23 18:04:02 -07:00
get-role-mappings.asciidoc [DOC] Splits role mapping APIs into separate pages (#32797) 2018-08-20 14:30:42 -07:00
get-roles.asciidoc [DOCS] Splits the roles API documentation into multiple pages (#32794) 2018-08-17 09:18:08 -07:00
get-tokens.asciidoc Token API supports the client_credentials grant (#33106) 2018-08-27 10:56:21 -06:00
get-users.asciidoc [DOCS] Splits the users API documentation into multiple pages (#32825) 2018-08-17 23:17:33 -07:00
has-privileges.asciidoc [DOCS] Add docs for Application Privileges (#32635) 2018-08-23 18:04:02 -07:00
put-app-privileges.asciidoc [DOCS] Add docs for Application Privileges (#32635) 2018-08-23 18:04:02 -07:00
role-mapping-resources.asciidoc [DOC] Splits role mapping APIs into separate pages (#32797) 2018-08-20 14:30:42 -07:00
ssl.asciidoc Support PKCS#11 tokens as keystores and truststores (#34063) 2018-10-04 10:51:58 +03:00