From 95097a4329db86a3bab38dc27f6be9918bb57b9c Mon Sep 17 00:00:00 2001
From: poloz <polozfr@laposte.net>
Date: Wed, 3 Aug 2022 15:57:47 +0200
Subject: [PATCH] Allow the user to customize the certificates attributes in
 indexer security plugin

In indexer security plugin for the nodes_dn field.
Remove the Wazuh OU, O, L, C default attributes when certificates are managed by the user.
Instead, only use the CN with the node name.
---
 templates/wazuh_indexer_yml.erb | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/templates/wazuh_indexer_yml.erb b/templates/wazuh_indexer_yml.erb
index 1e04ae51..3c237e65 100644
--- a/templates/wazuh_indexer_yml.erb
+++ b/templates/wazuh_indexer_yml.erb
@@ -30,10 +30,15 @@ plugins.security.enable_snapshot_restore_privilege: true
 plugins.security.nodes_dn:
 <% @indexer_cluster_CN.each do |cn| -%>
 - "CN=indexer-<%= cn %>,OU=Wazuh,O=Wazuh,L=California,C=US"
+<% if @manage_certs -%>
+- "CN=indexer-<%= cn %>,OU=Wazuh,O=Wazuh,L=California,C=US"
+<% else -%>
+- "CN=<%= cn %>"
+<% end -%>
 <% end -%>
 plugins.security.restapi.roles_enabled:
 - "all_access"
 - "security_rest_api_access"
 plugins.security.allow_default_init_securityindex: true
 cluster.routing.allocation.disk.threshold_enabled: false
-compatibility.override_main_response_version: true
\ No newline at end of file
+compatibility.override_main_response_version: true