Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bind process to localhost only if demo certificates are used #1626

Closed
setiah opened this issue Feb 17, 2022 · 1 comment
Closed

Bind process to localhost only if demo certificates are used #1626

setiah opened this issue Feb 17, 2022 · 1 comment

Comments

@setiah
Copy link

setiah commented Feb 17, 2022
edited
Loading

Related to opensearch-project/OpenSearch#1618

The ask here is to bind the OpenSearch process to only localhost if demo certificates are being used. This would put essential guardrails on using the insecure demo certs by dis-allowing public traffic and restricting the use only for dev/testing purpose.

Please note - This is an optional FR for now, as the demo certificates may end up getting deprecated altogether.
@setiah setiah mentioned this issue Feb 17, 2022
Open
8 tasks
@setiah setiah transferred this issue from opensearch-project/OpenSearch Feb 17, 2022
@setiah setiah mentioned this issue Feb 22, 2022
Open
@setiah
Copy link
Author

setiah commented Apr 6, 2022

This could be an issue for existing users using demo certs, when migrating to latest version with rolling upgrade as the binding might prevent cluster formation. An easier path forward would be deprecating the demo certificates itself. Closing this out for lack of better data points in favor of this.

@setiah setiah closed this as completed Apr 6, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@setiah