Commit Graph

12 Commits

Author SHA1 Message Date
Yang Wang b018c761e9
Remove support of creating CA on the fly when generating certificates (#65590)
Generating certificates with the cert sub-command now requires either: 1) a CA
to be provided with --ca or --ca-cert/--ca-key; or 2) make them self-signed
with the --self-signed option. Generating a CA on the fly is no longer
supported. The --keep-ca-key option is removed and the tool throws an error 
saying the CA needs to be generated separately if the option is specified.

This is a follow-up PR for #61884, which deprecated the "ca-on-the-fly" usage.
2020-12-16 13:54:32 +11:00
Yang Wang bdd99b250f
Deprecate cert gen without a CA and add self-signed option (#64037)
Generating a CA on the fly is an attempt at workflow optimisation that was
inherited from certgen. There are potential pitfalls with this approach. Overall
it is recommended to separate the step of CA creation and mandate a CA to be
specified when generating certificate.

This PR add a deprecation message if the cert command is used without specifying
a CA. A follow up PR will throw error for this usage in 8.0.

For use case where we explicitly trust a certificate without needing a CA, e.g.
SAML message signing, the PR adds a --self-signed option to the cert sub-command
to generate self-signed certificate.
2020-11-30 08:46:02 +11:00
James Rodewig 277709004e
[DOCS] Fix elasticsearch-croneval chunking (#63008) 2020-09-29 09:53:20 -04:00
Lisa Cawley 416fbfab6a
[DOCS] Update elasticsearch-certutil example (#61110) 2020-08-14 07:33:37 -07:00
James Rodewig 2774cd6938
[DOCS] Swap `[float]` for `[discrete]` (#60124)
Changes instances of `[float]` in our docs for `[discrete]`.

Asciidoctor prefers the `[discrete]` tag for floating headings:
https://asciidoctor.org/docs/asciidoc-asciidoctor-diffs/#blocks
2020-07-23 11:48:22 -04:00
Lisa Cawley b4ccd3e793
[DOCS] Adds http to elasticsearch-certutil command reference (#51188) 2020-01-24 09:56:51 -08:00
Lisa Cawley 4e4990c6a0
[DOCS] Cleans up links to security content (#47610) 2019-10-04 16:10:26 -07:00
Alex Pang 88befb54c5 Fix docs typo in the certutil CSR mode (#42593)
Changes the mention of `cert` to `csr`.

Co-Authored-By: Alex Pang <pangyikhei+github@gmail.com>
2019-05-30 18:01:04 -04:00
Diego Cardozo Sandrim dabc4c3b1b Improve certutil --pass documentation about empty password (#40137)
Improve the documentation of parameter --pass of elasticsearch-certutil

Co-Authored-By: Diego Cardozo Sandrim <diegocsandrim@users.noreply.github.com>
Co-Authored-By: Vigneash Sundar <vikene@users.noreply.github.com>
2019-03-27 14:36:31 +11:00
Lisa Cawley 4140b9eede
[DOCS] Update X-Pack terminology in security docs (#36564) 2018-12-19 14:53:37 -08:00
Kazuhiro Sera d45fe43a68 Fix a variety of typos and misspelled words (#32792) 2018-10-03 18:11:38 +01:00
Lisa Cawley 6fd4eb52b8
[DOCS] Moves commands to docs folder (#31114) 2018-06-06 07:49:15 -07:00