honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
OpenSearch/x-pack/plugin/core
History
Ioannis Kakavas 2b09e90237
Replace custom reloadable Key/TrustManager (#30509) 
Make SSLContext reloadable

This commit replaces all customKeyManagers and TrustManagers 
(ReloadableKeyManager,ReloadableTrustManager, 
EmptyKeyManager, EmptyTrustManager) with instances of 
X509ExtendedKeyManager and X509ExtendedTrustManager. 
This change was triggered by the effort to allow Elasticsearch to 
run in a FIPS-140 environment. In JVMs running in FIPS approved 
mode, only SunJSSE TrustManagers and KeyManagers can be used. 
Reloadability is now ensured by a volatile instance of SSLContext
in SSLContectHolder.
SSLConfigurationReloaderTests use the reloadable SSLContext to
initialize HTTP Clients and Servers and use these for testing the
key material and trust relations.
 		2018-05-16 08:32:13 +03:00
..
licenses Migrate x-pack-elasticsearch source to elasticsearch 2018-04-20 15:29:54 -07:00
src Replace custom reloadable Key/TrustManager (#30509) 2018-05-16 08:32:13 +03:00
build.gradle Migrate x-pack-elasticsearch source to elasticsearch 2018-04-20 15:29:54 -07:00
snapshot.key Make licensing FIPS-140 compliant (#30251) 2018-05-02 22:19:43 +03:00