-
Notifications
You must be signed in to change notification settings - Fork 278
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Extended /certificates endpoint with additional SSL certs info #4882
base: main
Are you sure you want to change the base?
Extended /certificates endpoint with additional SSL certs info #4882
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #4882 +/- ##
==========================================
+ Coverage 71.41% 71.49% +0.07%
==========================================
Files 334 333 -1
Lines 22515 22533 +18
Branches 3585 3580 -5
==========================================
+ Hits 16080 16110 +30
+ Misses 4643 4632 -11
+ Partials 1792 1791 -1
|
|
||
import java.util.Locale; | ||
|
||
public enum CertificateType { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why remove this enum?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The main issue is the use of duplicate definitions for certificate types, which prevents the REST endpoint from providing information about transport client certificates. These certificates can be configured differently from standard transport certificates as extended SSL configuration.
@@ -51,6 +76,10 @@ public CertificateInfo(final StreamInput in) throws IOException { | |||
|
|||
@Override | |||
public void writeTo(final StreamOutput out) throws IOException { | |||
out.writeOptionalString(format); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Whenever reading and writing is modified, isn't it recommended to add to the end? There may be issues in a mixed cluster if a message is serialized from a newer node and communicates with an older node that doesn't understand the new values.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
True
bab21d1
to
babe0dc
Compare
Enhanced the /certificates endpoint to provide more detailed information. The endpoint now lists all certificates used by each node, with additional properties for each certificate, including: - "format" - "alias" - "serial_number" - "has_private_key" Signed-off-by: Andrey Pleskach <[email protected]>
babe0dc
to
a9d34d4
Compare
Description
Enhanced the
/certificates
endpoint to provide more detailed information. The endpoint now lists all certificates used by each node, with additional properties for each certificate, including:format
alias
serial_number
has_private_key
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.