[DOCS] Steps for updating TLS certificates #73781
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@elasticmachine update branch |
|
@elasticmachine update branch |
|
@elasticmachine update branch |
lockewritesdocs
added
:Security/Authentication
|
Pinging @elastic/es-docs (Team:Docs) |
|
Pinging @elastic/es-security (Team:Security) |
jkakavas
reviewed
Jun 21, 2021
x-pack/docs/en/security/securing-communications/update-tls-certificates.asciidoc
Outdated
Show resolved
Hide resolved
x-pack/docs/en/security/securing-communications/update-tls-certificates.asciidoc
Outdated
Show resolved
Hide resolved
x-pack/docs/en/security/securing-communications/update-tls-certificates.asciidoc
Outdated
Show resolved
Hide resolved
x-pack/docs/en/security/securing-communications/update-tls-certificates.asciidoc
Outdated
Show resolved
Hide resolved
x-pack/docs/en/security/securing-communications/update-tls-certificates.asciidoc
Outdated
Show resolved
Hide resolved
x-pack/docs/en/security/securing-communications/update-tls-certificates.asciidoc
Outdated
Show resolved
Hide resolved
x-pack/docs/en/security/securing-communications/update-tls-certificates.asciidoc
Outdated
Show resolved
Hide resolved
x-pack/docs/en/security/securing-communications/update-tls-certificates.asciidoc
Outdated
Show resolved
Hide resolved
x-pack/docs/en/security/securing-communications/update-tls-certificates.asciidoc
Outdated
Show resolved
Hide resolved
x-pack/docs/en/security/securing-communications/update-tls-certificates.asciidoc
Outdated
Show resolved
Hide resolved
Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
|
@elasticmachine update branch |
|
@elasticmachine update branch |
|
@elasticmachine update branch |
lockewritesdocs
added
v7.12.2
auto-backport
elasticsearchmachine
pushed a commit
to elasticsearchmachine/elasticsearch
that referenced
this pull request
Jul 28, 2021
* [DOCS] Steps for updating TLS certificates * Updates for changing CA * Updates for rotating certs with a new CA * Add instructions for generating HTTP certs with a new CA * Add steps for creating HTTP certs with new CA * Clarify note about cluser restart and other edits * Clarifying scenarios * Apply suggestions from code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Incorporating review feedback and making necessary changes * Clarifications and changes regarding restarts * Remove errant --pem in basic security setup * Incorporate suggestions from code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Many, many updates. But good ones. * Add languages for snippets * Reorder steps to reference rolling restart throughout for consistency * Add clarifying what's next steps * Add instructions for updating Kibana certificate * Apply suggestions from Ioannis' stellar code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Update instructions to use a single keystore, plus other review changes * Incorporating another round of review comments * Minor updates from reviewer feedback * Clarifying examples and fixing numbering * Skip tests that are creating unnecessary noise * Quieting other tests Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
elasticsearchmachine
pushed a commit
to elasticsearchmachine/elasticsearch
that referenced
this pull request
Jul 28, 2021
* [DOCS] Steps for updating TLS certificates * Updates for changing CA * Updates for rotating certs with a new CA * Add instructions for generating HTTP certs with a new CA * Add steps for creating HTTP certs with new CA * Clarify note about cluser restart and other edits * Clarifying scenarios * Apply suggestions from code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Incorporating review feedback and making necessary changes * Clarifications and changes regarding restarts * Remove errant --pem in basic security setup * Incorporate suggestions from code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Many, many updates. But good ones. * Add languages for snippets * Reorder steps to reference rolling restart throughout for consistency * Add clarifying what's next steps * Add instructions for updating Kibana certificate * Apply suggestions from Ioannis' stellar code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Update instructions to use a single keystore, plus other review changes * Incorporating another round of review comments * Minor updates from reviewer feedback * Clarifying examples and fixing numbering * Skip tests that are creating unnecessary noise * Quieting other tests Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
elasticsearchmachine
pushed a commit
to elasticsearchmachine/elasticsearch
that referenced
this pull request
Jul 28, 2021
* [DOCS] Steps for updating TLS certificates * Updates for changing CA * Updates for rotating certs with a new CA * Add instructions for generating HTTP certs with a new CA * Add steps for creating HTTP certs with new CA * Clarify note about cluser restart and other edits * Clarifying scenarios * Apply suggestions from code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Incorporating review feedback and making necessary changes * Clarifications and changes regarding restarts * Remove errant --pem in basic security setup * Incorporate suggestions from code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Many, many updates. But good ones. * Add languages for snippets * Reorder steps to reference rolling restart throughout for consistency * Add clarifying what's next steps * Add instructions for updating Kibana certificate * Apply suggestions from Ioannis' stellar code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Update instructions to use a single keystore, plus other review changes * Incorporating another round of review comments * Minor updates from reviewer feedback * Clarifying examples and fixing numbering * Skip tests that are creating unnecessary noise * Quieting other tests Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
elasticsearchmachine
pushed a commit
to elasticsearchmachine/elasticsearch
that referenced
this pull request
Jul 28, 2021
* [DOCS] Steps for updating TLS certificates * Updates for changing CA * Updates for rotating certs with a new CA * Add instructions for generating HTTP certs with a new CA * Add steps for creating HTTP certs with new CA * Clarify note about cluser restart and other edits * Clarifying scenarios * Apply suggestions from code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Incorporating review feedback and making necessary changes * Clarifications and changes regarding restarts * Remove errant --pem in basic security setup * Incorporate suggestions from code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Many, many updates. But good ones. * Add languages for snippets * Reorder steps to reference rolling restart throughout for consistency * Add clarifying what's next steps * Add instructions for updating Kibana certificate * Apply suggestions from Ioannis' stellar code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Update instructions to use a single keystore, plus other review changes * Incorporating another round of review comments * Minor updates from reviewer feedback * Clarifying examples and fixing numbering * Skip tests that are creating unnecessary noise * Quieting other tests Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
lockewritesdocs
pushed a commit
that referenced
this pull request
Jul 28, 2021
* [DOCS] Steps for updating TLS certificates * Updates for changing CA * Updates for rotating certs with a new CA * Add instructions for generating HTTP certs with a new CA * Add steps for creating HTTP certs with new CA * Clarify note about cluser restart and other edits * Clarifying scenarios * Apply suggestions from code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Incorporating review feedback and making necessary changes * Clarifications and changes regarding restarts * Remove errant --pem in basic security setup * Incorporate suggestions from code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Many, many updates. But good ones. * Add languages for snippets * Reorder steps to reference rolling restart throughout for consistency * Add clarifying what's next steps * Add instructions for updating Kibana certificate * Apply suggestions from Ioannis' stellar code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Update instructions to use a single keystore, plus other review changes * Incorporating another round of review comments * Minor updates from reviewer feedback * Clarifying examples and fixing numbering * Skip tests that are creating unnecessary noise * Quieting other tests Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> Co-authored-by: Adam Locke <adam.locke@elastic.co> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
lockewritesdocs
pushed a commit
that referenced
this pull request
Jul 29, 2021
* [DOCS] Steps for updating TLS certificates * Updates for changing CA * Updates for rotating certs with a new CA * Add instructions for generating HTTP certs with a new CA * Add steps for creating HTTP certs with new CA * Clarify note about cluser restart and other edits * Clarifying scenarios * Apply suggestions from code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Incorporating review feedback and making necessary changes * Clarifications and changes regarding restarts * Remove errant --pem in basic security setup * Incorporate suggestions from code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Many, many updates. But good ones. * Add languages for snippets * Reorder steps to reference rolling restart throughout for consistency * Add clarifying what's next steps * Add instructions for updating Kibana certificate * Apply suggestions from Ioannis' stellar code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Update instructions to use a single keystore, plus other review changes * Incorporating another round of review comments * Minor updates from reviewer feedback * Clarifying examples and fixing numbering * Skip tests that are creating unnecessary noise * Quieting other tests Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> Co-authored-by: Adam Locke <adam.locke@elastic.co> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
lockewritesdocs
pushed a commit
that referenced
this pull request
Jul 29, 2021
* [DOCS] Steps for updating TLS certificates * Updates for changing CA * Updates for rotating certs with a new CA * Add instructions for generating HTTP certs with a new CA * Add steps for creating HTTP certs with new CA * Clarify note about cluser restart and other edits * Clarifying scenarios * Apply suggestions from code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Incorporating review feedback and making necessary changes * Clarifications and changes regarding restarts * Remove errant --pem in basic security setup * Incorporate suggestions from code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Many, many updates. But good ones. * Add languages for snippets * Reorder steps to reference rolling restart throughout for consistency * Add clarifying what's next steps * Add instructions for updating Kibana certificate * Apply suggestions from Ioannis' stellar code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Update instructions to use a single keystore, plus other review changes * Incorporating another round of review comments * Minor updates from reviewer feedback * Clarifying examples and fixing numbering * Skip tests that are creating unnecessary noise * Quieting other tests Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> Co-authored-by: Adam Locke <adam.locke@elastic.co> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
ywangd
pushed a commit
to ywangd/elasticsearch
that referenced
this pull request
Jul 30, 2021
* [DOCS] Steps for updating TLS certificates * Updates for changing CA * Updates for rotating certs with a new CA * Add instructions for generating HTTP certs with a new CA * Add steps for creating HTTP certs with new CA * Clarify note about cluser restart and other edits * Clarifying scenarios * Apply suggestions from code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Incorporating review feedback and making necessary changes * Clarifications and changes regarding restarts * Remove errant --pem in basic security setup * Incorporate suggestions from code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Many, many updates. But good ones. * Add languages for snippets * Reorder steps to reference rolling restart throughout for consistency * Add clarifying what's next steps * Add instructions for updating Kibana certificate * Apply suggestions from Ioannis' stellar code review Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com> * Update instructions to use a single keystore, plus other review changes * Incorporating another round of review comments * Minor updates from reviewer feedback * Clarifying examples and fixing numbering * Skip tests that are creating unnecessary noise * Quieting other tests Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Ioannis Kakavas <ikakavas@protonmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds documentation for updating TLS certificates both when the CA remains the same and when it changes. This information focuses on PCKS#12 certificates. We can add documentation for updating PEM certificates in a separate PR.
Preview link: https://elasticsearch_73781.docs-preview.app.elstc.co/guide/en/elasticsearch/reference/master/update-node-certs.html
Closes #63953
Relates to #1644