Add in-place SSL certs hot reload documentation #9103
Conversation
willyborankin
requested review from
kolchfa-aws,
Naarcha-AWS,
AMoo-Miki,
natebower,
dlvenable and
epugh
as code owners
|
Thank you for submitting your PR. The PR states are In progress (or Draft) -> Tech review -> Doc review -> Editorial review -> Merged. Before you submit your PR for doc review, make sure the content is technically accurate. If you need help finding a tech reviewer, tag a maintainer. When you're ready for doc review, tag the assignee of this PR. The doc reviewer may push edits to the PR directly or leave comments and editorial suggestions for you to address (let us know in a comment if you have a preference). The doc reviewer will arrange for an editorial review. |
willyborankin
force-pushed
the
ssl-certs-hot-reload
branch
2 times, most recently
from
0311b99 to
b0e6a5b
Compare
Signed-off-by: Andrey Pleskach <[email protected]>
willyborankin
force-pushed
the
ssl-certs-hot-reload
branch
from
b0e6a5b to
b8a2928
Compare
Naarcha-AWS
added
release-notes
Signed-off-by: Naarcha-AWS <[email protected]>
|
@cwperks or @stephen-crawford: Can one of you look over this PR for technical accuracy? |
Signed-off-by: Naarcha-AWS <[email protected]>
Signed-off-by: Naarcha-AWS <[email protected]>
_security/configuration/tls.md
Outdated
|
|
||
| ### Using the Reload Certificates API | ||
|
|
||
| Add the following to enable hot reloading using the Reload Certificates API: |
There was a problem hiding this comment.
Can we link to the Reload Certificates API documentation?
There was a problem hiding this comment.
@cwperks: Documentation doesn't exist for this API beyond what's on this page, https://opensearch.org/docs/latest/security/configuration/tls/#hot-reloading-tls-certificates. I made an issue to track progress on creating that page. #9147
Signed-off-by: Naarcha-AWS <[email protected]>
Co-authored-by: Craig Perkins <[email protected]> Signed-off-by: Naarcha-AWS <[email protected]>
Signed-off-by: Naarcha-AWS <[email protected]>
Signed-off-by: Naarcha-AWS <[email protected]>
Naarcha-AWS
added
4 - Doc review
Co-authored-by: Craig Perkins <[email protected]> Signed-off-by: Naarcha-AWS <[email protected]>
Naarcha-AWS
added
5 - Editorial review
|
@natebower: This is ready for editorial review. |
There was a problem hiding this comment.
@Naarcha-AWS @willyborankin Please see my comments and changes and let me know if you have any questions. Thanks!
_security/configuration/tls.md
Outdated
| ```json | ||
| curl --cacert <ca.pem> --cert <admin.pem> --key <admin.key> -XPUT https://localhost:9200/_plugins/_security/api/ssl/transport/reloadcerts | ||
| ``` | ||
| {% include copy.html %} |
There was a problem hiding this comment.
Should this have a copy as cURL button?
_security/configuration/tls.md
Outdated
| ```json | ||
| curl --cacert <ca.pem> --cert <admin.pem> --key <admin.key> -XPUT https://localhost:9200/_plugins/_security/api/ssl/http/reloadcerts | ||
| ``` | ||
| {% include copy.html %} |
There was a problem hiding this comment.
Should this have a copy as cURL button?
Co-authored-by: Nathan Bower <[email protected]> Signed-off-by: Naarcha-AWS <[email protected]>
Signed-off-by: Naarcha-AWS <[email protected]>
Description
Added in-place SSL certs hot reload documentation for the issue #opensearch-project/security#4427.
Issues Resolved
Closes #[insert issue number]
Version
List the OpenSearch version to which this PR applies, e.g. 2.14, 2.12--2.14, or all.
Frontend features
If you're submitting documentation for an OpenSearch Dashboards feature, add a video that shows how a user will interact with the UI step by step. A voiceover is optional.
Checklist
For more information on following Developer Certificate of Origin and signing off your commits, please check here.