Module: Elasticsearch::API::SSL::Actions

Defined in:

lib/elasticsearch/api/actions/ssl/certificates.rb

Instance Method Summary

• #certificates(arguments = {}) ⇒ Object

  Get SSL certificates.

Instance Method Details

#certificates(arguments = {}) ⇒ Object

Get SSL certificates. Get information about the X.509 certificates that are used to encrypt communications in the cluster. The API returns a list that includes certificates from all TLS contexts including:

• Settings for transport and HTTP interfaces

• TLS settings that are used within authentication realms

• TLS settings for remote monitoring exporters

The list includes certificates that are used for configuring trust, such as those configured in the ‘xpack.security.transport.ssl.truststore` and `xpack.security.transport.ssl.certificate_authorities` settings. It also includes certificates that are used for configuring server identity, such as `xpack.security.http.ssl.keystore` and `xpack.security.http.ssl.certificate settings`. The list does not include certificates that are sourced from the default SSL context of the Java Runtime Environment (JRE), even if those certificates are in use within Elasticsearch. NOTE: When a PKCS#11 token is configured as the truststore of the JRE, the API returns all the certificates that are included in the PKCS#11 token irrespective of whether these are used in the Elasticsearch TLS configuration. If Elasticsearch is configured to use a keystore or truststore, the API output includes all certificates in that store, even though some of the certificates might not be in active use within the cluster.

Parameters:

• arguments (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (arguments):

• :error_trace (Boolean) —

  When set to ‘true` Elasticsearch will include the full stack trace of errors when they occur.

• :filter_path (String, Array<String>) —

  Comma-separated list of filters in dot notation which reduce the response returned by Elasticsearch.

• :human (Boolean) —

  When set to ‘true` will return statistics in a format suitable for humans. For example `“exists_time”: “1h”` for humans and `“exists_time_in_millis”: 3600000` for computers. When disabled the human readable values will be omitted. This makes sense for responses being consumed only by machines.

• :pretty (Boolean) —

  If set to ‘true` the returned JSON will be “pretty-formatted”. Only use this option for debugging only.

• :headers (Hash) —

  Custom HTTP headers

See Also:

• https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-ssl-certificates

# File 'lib/elasticsearch/api/actions/ssl/certificates.rb', line 52

def certificates(arguments = {})
  request_opts = { endpoint: arguments[:endpoint] || 'ssl.certificates' }

  arguments = arguments.clone
  headers = arguments.delete(:headers) || {}

  body = nil

  method = Elasticsearch::API::HTTP_GET
  path   = '_ssl/certificates'
  params = Utils.process_params(arguments)

  Elasticsearch::API::Response.new(
    perform_request(method, path, params, body, headers, request_opts)
  )
end