Skip to content

Commit

Permalink
[OpenAPI] Edit SSL certificate API (#3056)
Browse files Browse the repository at this point in the history
(cherry picked from commit e46f571)
  • Loading branch information
lcawl authored and github-actions[bot] committed Oct 23, 2024
1 parent ad31274 commit d784236
Show file tree
Hide file tree
Showing 4 changed files with 25 additions and 7 deletions.
2 changes: 0 additions & 2 deletions docs/overlays/elasticsearch-shared-overlays.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -193,8 +193,6 @@ actions:
x-displayName: Searchable snapshots
- name: security
x-displayName: Security
- name: ssl
x-displayName: Security - SSL
- name: snapshot
x-displayName: Snapshot and restore
description: >
Expand Down
5 changes: 3 additions & 2 deletions output/openapi/elasticsearch-openapi.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

7 changes: 4 additions & 3 deletions output/schema/schema.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

18 changes: 18 additions & 0 deletions specification/ssl/certificates/GetCertificatesRequest.ts
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,26 @@
import { RequestBase } from '@_types/Base'

/**
* Get SSL certificates.
*
* Get information about the X.509 certificates that are used to encrypt communications in the cluster.
* The API returns a list that includes certificates from all TLS contexts including:
*
* - Settings for transport and HTTP interfaces
* - TLS settings that are used within authentication realms
* - TLS settings for remote monitoring exporters
*
* The list includes certificates that are used for configuring trust, such as those configured in the `xpack.security.transport.ssl.truststore` and `xpack.security.transport.ssl.certificate_authorities` settings.
* It also includes certificates that are used for configuring server identity, such as `xpack.security.http.ssl.keystore` and `xpack.security.http.ssl.certificate settings`.
*
* The list does not include certificates that are sourced from the default SSL context of the Java Runtime Environment (JRE), even if those certificates are in use within Elasticsearch.
*
* NOTE: When a PKCS#11 token is configured as the truststore of the JRE, the API returns all the certificates that are included in the PKCS#11 token irrespective of whether these are used in the Elasticsearch TLS configuration.
*
* If Elasticsearch is configured to use a keystore or truststore, the API output includes all certificates in that store, even though some of the certificates might not be in active use within the cluster.
* @rest_spec_name ssl.certificates
* @availability stack since=6.2.0 stability=stable
* @availability serverless stability=stable visibility=private
* @doc_tag security
*/
export interface Request extends RequestBase {}

0 comments on commit d784236

Please sign in to comment.