Home Explore Help
Sign In
lqb
/
elasticsearch
mirror of https://gitee.com/mirrors/elasticsearch.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Note S3 plugin uses JVM-wide truststore (#77676)

Today it's not clear how to tell Elasticsearch to trust an S3-compatible
repository that presents a certificate issued by a private or
nonstandard CA. This commit expands the docs to say how.

Supersedes #65034
Relates #77081

Co-authored-by: Joost De Cock <joost@decock.org>

Co-authored-by: Joost De Cock <joost@decock.org>
David Turner 4 years ago
parent
8aed79fadb
commit
5fd0a1710b
1 changed files with 4 additions and 1 deletions
Split View Show Diff Stats
  1. 4 1
      docs/plugins/repository-s3.asciidoc

+ 4 - 1
docs/plugins/repository-s3.asciidoc
View File 

@@ -125,7 +125,10 @@ settings belong in the `elasticsearch.yml` file.
 
 `protocol`::
 
 
     The protocol to use to connect to S3. Valid values are either `http` or
 
-    `https`. Defaults to `https`.
 
+    `https`. Defaults to `https`. When using HTTPS, this plugin validates the
 
+    repository's certificate chain using the JVM-wide truststore. Ensure that
 
+    the root certificate authority is in this truststore using the JVM's
 
+    `keytool` tool.
 
 
 `proxy.host`::