Module: LogStash::Util::ManticoreSSLConfigHelper

Extended by:
ManticoreSSLConfigHelper
Included in:
ElasticsearchClient::RubyClient, Modules::KibanaClient, ManticoreSSLConfigHelper
Defined in:
lib/logstash/util/manticore_ssl_config_helper.rb

Instance Method Summary collapse

Instance Method Details

#manticore_ssl_options_from_config(namespace, settings) ⇒ Hash<Symbol,Object>

Extract Manticore-style SSL directives from the given configuration.

Parameters:

  • namespace (String)

    a string namespace (e.g., ‘kibana` in `var.kibana.ssl.*`)

  • settings (Hash<String,Object>)

    a collection of Manticore-friendly SSL directives. if SSL explicitly disabled, an empty hash will be returned.

Returns:

  • (Hash<Symbol,Object>) 


14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
 
# File 'lib/logstash/util/manticore_ssl_config_helper.rb', line 14

def manticore_ssl_options_from_config(namespace, settings)
  ssl_settings = strip_prefix(settings, "var.#{namespace}.ssl.")

  # boolean settings may be strings if set through the cli
  # or booleans if set through the yaml file, so we use .to_s
  if ssl_settings.include?('enabled') && !coerce_boolean(ssl_settings['enabled'])
    logger.warn('SSL explicitly disabled; other SSL settings will be ignored') if logger && ssl_settings.size > 1
    return {}
  end

  {
      :verify      => ssl_settings.fetch('verification_mode', :strict).to_sym,
      :ca_file     => ssl_settings.fetch('certificate_authority', nil),
      :client_cert => ssl_settings.fetch('certificate', nil),
      :client_key  => ssl_settings.fetch('key', nil),
  }
end