Uploaded image for project: 'Observability Documentation'
  1. Observability Documentation
  2. OBSDOCS-100

Requirements for when log forwarding when using SSL/TLS are wrong

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • None
    • None
    • Logging
    • None
    • OBSDOCS (Dec 4 - Dev 25) #246
    • Critical
    • Proposed

      [URL]

      https://docs.openshift.com/container-platform/4.11/logging/cluster-logging-external.html#cluster-logging-collector-log-forward-es_cluster-logging-external

      [Section]

      All section in the URL indicated

      [DESCRIPTION]

      Starting in RHOL 5.3 where relaxed the authorization Requirements for Log Forwarding implemented in "https://issues.redhat.com/browse/LOG-1468". Then, the phrases in the documentation as:

      "must have keys of: `tls.crt`, `tls.key`, and `ca-bundle.crt` that point to the respective certificates that they represent"

      are not more valid since now it's allowed to use for example only the `ca-bundle.crt` and not needed the `tls.crt`, `tls.key`.

      This is valid for Elasticsearch and I suspect that it should be valid for the rest of the outputs: kafka, loki, etc, but engineering should confirm this.

      Best regards,
      Oscar

              abrennan@redhat.com Ashleigh Brennan
              rhn-support-ocasalsa Oscar Casal Sanchez
              Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: