iSharkFly-Docs
/
opensearch-docs-cn
mirror of https://github.com/iSharkFly-Docs/opensearch-docs-cn
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #105 from opensearch-project/security-updates 

Added required openid lines to TLS configuration yaml files
This commit is contained in:
Keith Chan 2021-07-16 16:10:37 -07:00 committed by GitHub
parent fb9ecbbc15 c961ca45d0
commit 25421e60e0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 32 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
_security-plugin/configuration/openid-connect.md
View File

@ -148,6 +148,7 @@ Use the following parameters to enable TLS for connecting to your IdP:
```yml
config:
openid_connect_idp:
enable_ssl: <true|false>
verify_hostnames: <true|false>
```
@ -164,11 +165,15 @@ To validate the TLS certificate of your IdP, configure either the path to the Id
```yml
config:
pemtrustedcas_filepath: /path/to/trusted_cas.pem
openid_connect_idp:
enable_ssl: true
pemtrustedcas_filepath: /full/path/to/trusted_cas.pem
```
```yml
config:
openid_connect_idp:
enable_ssl: true
pemtrustedcas_content: |-
MIID/jCCAuagAwIBAgIBATANBgkqhkiG9w0BAQUFADCBjzETMBEGCgmSJomT8ixk
ARkWA2NvbTEXMBUGCgmSJomT8ixkARkWB2V4YW1wbGUxGTAXBgNVBAoMEEV4YW1w
@ -189,13 +194,17 @@ To use TLS client authentication, configure the PEM certificate and private key
```yml
config:
pemkey_filepath: /path/to/private.key.pem
openid_connect_idp:
enable_ssl: true
pemkey_filepath: /full/path/to/private.key.pem
pemkey_password: private_key_password
pemcert_filepath: /path/to/certificate.pem
pemcert_filepath: /full/path/to/certificate.pem
```
```yml
config:
openid_connect_idp:
enable_ssl: true
pemkey_content: |-
MIID2jCCAsKgAwIBAgIBBTANBgkqhkiG9w0BAQUFADCBlTETMBEGCgmSJomT8ixk
ARkWA2NvbTEXMBUGCgmSJomT8ixkARkWB2V4YW1wbGUxGTAXBgNVBAoMEEV4YW1w