kolla-ansible

History

Mark Goddard e91fd969ac Verify TLS by default for Kibana to Elasticsearch Currently, if internal TLS communication is enabled, Kibana to Elasticsearch communication is unverified. This is because we set elasticsearch.ssl.verificationMode to 'none' by default (via kibana_elasticsearch_ssl_verify). This is poor a security posture. This change changes the default value of 'kibana_elasticsearch_ssl_verify' to 'true'. Change-Id: Ie4fa8e3a60d69cf5c4bdd975030c92be8113ffb1 Closes-Bug: #1885110	2020-06-25 10:35:18 +01:00
..
main.yml	Verify TLS by default for Kibana to Elasticsearch	2020-06-25 10:35:18 +01:00

Mark Goddard e91fd969ac Verify TLS by default for Kibana to Elasticsearch

Currently, if internal TLS communication is enabled, Kibana to
Elasticsearch communication is unverified. This is because we set
elasticsearch.ssl.verificationMode to 'none' by default (via
kibana_elasticsearch_ssl_verify). This is poor a security
posture.

This change changes the default value of
'kibana_elasticsearch_ssl_verify' to 'true'.

Change-Id: Ie4fa8e3a60d69cf5c4bdd975030c92be8113ffb1
Closes-Bug: #1885110

2020-06-25 10:35:18 +01:00

main.yml

Verify TLS by default for Kibana to Elasticsearch

2020-06-25 10:35:18 +01:00