Allow the user to customize the certificates attributes in indexer se…

…curity plugin In indexer security plugin for the nodes_dn field. Remove the Wazuh OU, O, L, C default attributes when certificates are managed by the user. Instead, only use the CN with the node name.
wazuh · Nov 12, 2024 · 95097a4 · 95097a4
1 parent 41502c1
commit 95097a4
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/templates/wazuh_indexer_yml.erb b/templates/wazuh_indexer_yml.erb
@@ -30,10 +30,15 @@ plugins.security.enable_snapshot_restore_privilege: true
 plugins.security.nodes_dn:
 <% @indexer_cluster_CN.each do |cn| -%>
 - "CN=indexer-<%= cn %>,OU=Wazuh,O=Wazuh,L=California,C=US"
+<% if @manage_certs -%>
+- "CN=indexer-<%= cn %>,OU=Wazuh,O=Wazuh,L=California,C=US"
+<% else -%>
+- "CN=<%= cn %>"
+<% end -%>
 <% end -%>
 plugins.security.restapi.roles_enabled:
 - "all_access"
 - "security_rest_api_access"
 plugins.security.allow_default_init_securityindex: true
 cluster.routing.allocation.disk.threshold_enabled: false
-compatibility.override_main_response_version: true
+compatibility.override_main_response_version: true