Home Explore Help
Sign In
lqb
/
elasticsearch
mirror of https://gitee.com/mirrors/elasticsearch.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

[DOCS] TLS file resources are reloadable (#33258)

Make clearer that file resources that are used as key trust material
are polled and will be reloaded upon modification.
Ioannis Kakavas 7 years ago
parent
b6f762d131
commit
557eabf7b5
2 changed files with 22 additions and 2 deletions
Split View Show Diff Stats
  1. 11 1
      x-pack/docs/en/security/securing-communications/tls-http.asciidoc
  2. 11 1
      x-pack/docs/en/security/securing-communications/tls-transport.asciidoc

+ 11 - 1
x-pack/docs/en/security/securing-communications/tls-http.asciidoc
View File 

@@ -77,7 +77,17 @@ bin/elasticsearch-keystore add xpack.security.http.ssl.secure_key_passphrase
 
 
 . Restart {es}.
 
 
-NOTE: All TLS-related node settings are considered to be highly sensitive and
 
+[NOTE]
 
+===============================
 
+* All TLS-related node settings are considered to be highly sensitive and
 
 therefore are not exposed via the
 
 {ref}/cluster-nodes-info.html#cluster-nodes-info[nodes info API] For more
 
 information about any of these settings, see <<security-settings>>.
 
+
 
+* {es} monitors all files such as certificates, keys, keystores, or truststores 
+that are configured as values of TLS-related node settings. If you update any of 
+these files (for example, when your hostnames change or your certificates are 
+due to expire), {es} reloads them. The files are polled for changes at 
+a frequency determined by the global {es} `resource.reload.interval.high` 
+setting, which defaults to 5 seconds.
 
+===============================

+ 11 - 1
x-pack/docs/en/security/securing-communications/tls-transport.asciidoc
View File 

@@ -95,7 +95,17 @@ vice-versa). After enabling TLS you must restart all nodes in order to maintain
 
 communication across the cluster.
 
 --
 
 
-NOTE: All TLS-related node settings are considered to be highly sensitive and
 
+[NOTE]
 
+===============================
 
+* All TLS-related node settings are considered to be highly sensitive and
 
 therefore are not exposed via the
 
 {ref}/cluster-nodes-info.html#cluster-nodes-info[nodes info API] For more
 
 information about any of these settings, see <<security-settings>>.
 
+
 
+* {es} monitors all files such as certificates, keys, keystores, or truststores 
+that are configured as values of TLS-related node settings. If you update any of 
+these files (for example, when your hostnames change or your certificates are 
+due to expire), {es} reloads them. The files are polled for changes at 
+a frequency determined by the global {es} `resource.reload.interval.high` 
+setting, which defaults to 5 seconds.
 
+===============================