Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add ssl agent ca configuration entry #6083

Merged
merged 3 commits into from
Nov 2, 2023
Merged

Add ssl agent ca configuration entry #6083

merged 3 commits into from
Nov 2, 2023

Conversation

asteriscos
Copy link
Member

@asteriscos asteriscos commented Oct 31, 2023
edited
Loading

Description

Hi team,
this PR adds ssl_agent_ca to Management -> Configuration -> Registration service with the label "Path to the CA certificate used to verify clients".
Also, it changes the previous label from "" to "Verify host when a CA certificate is specified"

Evidence

image

Test

  • Add the ssl_agent_ca entry to the ossec.conf file and restart the manager.
  • Verify this configuration entry is included in the Management -> Configuration -> Registration service
<!-- Configuration for wazuh-authd -->
  <auth>
    <disabled>no</disabled>
    <port>1515</port>
    <use_source_ip>no</use_source_ip>
    <purge>yes</purge>
    <use_password>no</use_password>
    <ciphers>HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH</ciphers>
    <ssl_agent_ca>etc/sslmanager.cert</ssl_agent_ca>
    <ssl_verify_host>no</ssl_verify_host>
    <ssl_manager_cert>etc/sslmanager.cert</ssl_manager_cert>
    <ssl_manager_key>etc/sslmanager.key</ssl_manager_key>
    <ssl_auto_negotiate>no</ssl_auto_negotiate>
  </auth>

Check List

  • All tests pass
    • yarn test:jest
  • New functionality includes testing.
  • New functionality has been documented.
  • Update CHANGELOG.md
  • Commits are signed per the DCO using --signoff

@asteriscos asteriscos requested a review from a team as a code owner October 31, 2023 16:16
@github-actions GitHub Actions
Copy link
Contributor

Code coverage (Jest) % values
Statements 11.71% ( 4041 / 34489 )
Branches 7.96% ( 1855 / 23280 )
Functions 11.21% ( 925 / 8246 )
Lines 11.89% ( 3929 / 33024 )

@lucianogorza lucianogorza self-requested a review October 31, 2023 17:43
yenienserrano
yenienserrano approved these changes Nov 1, 2023
View reviewed changes
Copy link
Member

@yenienserrano yenienserrano left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

image

image

@chantal-kelm chantal-kelm self-requested a review November 1, 2023 13:32
chantal-kelm
chantal-kelm approved these changes Nov 1, 2023
View reviewed changes
Copy link
Member

@chantal-kelm chantal-kelm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

image

@lucianogorza lucianogorza removed their request for review November 1, 2023 13:33
@asteriscos asteriscos self-assigned this Nov 2, 2023
@asteriscos asteriscos merged commit 077ee53 into 4.8.0 Nov 2, 2023
2 checks passed
@asteriscos asteriscos deleted the enhance/add-ssl_agent_ca-configuration-entry-9 branch November 2, 2023 09:20
@asteriscos asteriscos mentioned this pull request Jan 15, 2024
Closed
1 task
@lucianogorza lucianogorza mentioned this pull request Feb 6, 2024
Closed
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yenienserrano yenienserrano yenienserrano approved these changes

@chantal-kelm chantal-kelm chantal-kelm approved these changes

Assignees

@asteriscos asteriscos

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@asteriscos @yenienserrano @chantal-kelm