Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[DOCS] TLS file resources are reloadable #33258

Merged
merged 5 commits into from
Aug 30, 2018
Merged

[DOCS] TLS file resources are reloadable #33258

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
137bfc1
Point out TLS-related files reloadability
jkakavas Aug 22, 2018
3a6d8bb
[DOCS] Adds optional step for changing reload interval
lcawl Aug 24, 2018
4846ee0
Revert "[DOCS] Adds optional step for changing reload interval"
lcawl Aug 28, 2018
df5b5c6
[DOCS] Clarify TLS file notes
lcawl Aug 28, 2018
da4aebf
Merge remote-tracking branch 'jkakavas/tls-reloading-docs' into tls-r…
jkakavas Aug 30, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 11 additions & 1 deletion x-pack/docs/en/security/securing-communications/tls-http.asciidoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,17 @@ bin/elasticsearch-keystore add xpack.security.http.ssl.secure_key_passphrase

. Restart {es}.

NOTE: All TLS-related node settings are considered to be highly sensitive and
[NOTE]
===============================
* All TLS-related node settings are considered to be highly sensitive and
therefore are not exposed via the
{ref}/cluster-nodes-info.html#cluster-nodes-info[nodes info API] For more
information about any of these settings, see <<security-settings>>.

* {es} monitors all files such as certificates, keys, keystores, or truststores
that are configured as values of TLS-related node settings. If you update any of
these files (for example, when your hostnames change or your certificates are
due to expire), {es} reloads them. The files are polled for changes at
a frequency determined by the global {es} `resource.reload.interval.high`
setting, which defaults to 5 seconds.
===============================
12 changes: 11 additions & 1 deletion x-pack/docs/en/security/securing-communications/tls-transport.asciidoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,7 +95,17 @@ vice-versa). After enabling TLS you must restart all nodes in order to maintain
communication across the cluster.
--

NOTE: All TLS-related node settings are considered to be highly sensitive and
[NOTE]
===============================
* All TLS-related node settings are considered to be highly sensitive and
therefore are not exposed via the
{ref}/cluster-nodes-info.html#cluster-nodes-info[nodes info API] For more
information about any of these settings, see <<security-settings>>.

* {es} monitors all files such as certificates, keys, keystores, or truststores
that are configured as values of TLS-related node settings. If you update any of
these files (for example, when your hostnames change or your certificates are
due to expire), {es} reloads them. The files are polled for changes at
a frequency determined by the global {es} `resource.reload.interval.high`
setting, which defaults to 5 seconds.
===============================