Comment 5 for bug 1885110

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to kolla-ansible (stable/train)

Reviewed: https://review.opendev.org/738307
Committed: https://git.openstack.org/cgit/openstack/kolla-ansible/commit/?id=aa2d2b53452a614a5d3f08c3c66009f0c2a226a0
Submitter: Zuul
Branch: stable/train

commit aa2d2b53452a614a5d3f08c3c66009f0c2a226a0
Author: Mark Goddard <email address hidden>
Date: Fri Jun 19 12:56:54 2020 +0000

    Verify TLS by default for Kibana to Elasticsearch

    Currently, if internal TLS communication is enabled, Kibana to
    Elasticsearch communication is unverified. This is because we set
    elasticsearch.ssl.verificationMode to 'none' by default (via
    kibana_elasticsearch_ssl_verify). This is poor a security
    posture.

    This change changes the default value of
    'kibana_elasticsearch_ssl_verify' to 'true'.

    Change-Id: Ie4fa8e3a60d69cf5c4bdd975030c92be8113ffb1
    Closes-Bug: #1885110
    (cherry picked from commit e91fd969ace4c83cd461378419dd6aa96399edc2)