From 739cfc51f2f065d549fded3653222b8e684ce9ad Mon Sep 17 00:00:00 2001
From: vladd-bit <vlad.a.dinu@gmail.com>
Date: Thu, 14 Mar 2024 10:16:37 +0000
Subject: [PATCH] Security: fixed permissions on OpenSearch client cert after
 gen.

---
 security/create_opensearch_client_cert.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/security/create_opensearch_client_cert.sh b/security/create_opensearch_client_cert.sh
index 1d000a3c..fc1175d4 100644
--- a/security/create_opensearch_client_cert.sh
+++ b/security/create_opensearch_client_cert.sh
@@ -77,5 +77,7 @@ openssl x509 -req -days $ES_CERTIFICATE_TIME_VALIDITY_IN_DAYS -in "$ES_CLIENT_CE
 
 #-extfile <(printf "\nsubjectAltName=DNS:esnode-1,DNS:esnode-2,DNS:elasticsearch-1,DNS:elasticsearch-2,DNS:elasticsearch-node-1,DNS:elasticsearch-node-2,DNS:elasticsearch-cogstack-node-2,DNS:elasticsearch-cogstack-node-1,DNS:localhost") 
 
+chmod -R 755 "./$ES_CLIENT_CERT_NAME"*
+
 mv "$ES_CLIENT_CERT_NAME"* $OPENSEARCH_ES_CERTIFICATES_FOLDER