Adding flag to disable "ask validation"

[Blue0ctober]

When running check-es-node-status on a cluster with SSL enabled that is using self signed certs, the check will fail with the following:
Check failed to run: SSL_connect returned=1 errno=0 state=error: certificate verify failed

The plugin should have a flag to allow skipping the validation of the cert for use cases where you would use self signed certs instead of signed certs.

[csoleimani]

#101

Made this so you can pass in a cert instead of completely skipping validation

[majormoses]

Much better to provide a cert than to disable validation. Make sure to use token substitution and redaction to ensure that it does not leak through logs or external handlers.

[rgarcia89]

What is the status of this ticket?

[ltoning]

Hello,

Can we please have this option?
From elastic 7.10 TLS is mandatory on http api 9200 to be abl to use the core Alert functionality.
This makes all the sensu-plugins-elasticsearch useless when using selfsigned/pki certificates.

[rgarcia89]

@ltoning it is available in a fork...
not sure why it has not been merged to the community version

jspaleta@d091d7a

[majormoses]

I will be happy to take a look at integrating it once Jeff is ready to create a pull request. Based on the tag it may not be ready for production without further testing.

[rgarcia89]

@majormoses I am using it for my test and prod environment. Everything is working fine with the --insecure-skip-tls-verify parameter