testssl.sh-masscan

XPACK/Secure Elasticsearch Communications Support

Open bionicspy opened this issue 7 years ago • 0 comments

There is no default support for secure elasticsearch parameters communications such as XPACK protected cluster. (suspect others like SHIELD and SearchGuard protected clusters will have similar requirements)

(Verified workaround on Elasticsearch 5.6.3 with XPACK enabled) Suggest adding additional (or potentially optional) dependency (pip install certifi) and add line import certifi to import section of import_testssl.sh_csv_to_ES.py

Note: When using non-public CA for elasticsearch cluster, you must also append CA (and Intermediate, if required) to certifi cacert.pem chain.

    cat root-ca.pem >> /usr/lib/python3.4/site-packages/certifi/cacert.pem
    cat intermediate-ca.pem >> /usr/lib/python3.4/site-packages/certifi/cacert.pem

(Tested Python 3.4 on CentOS 7.4)

Enables (XPACK enabled cluster with encrypted communications and authentication):

    ./import_testssl.sh_csv_to_ES.py *.csv --elasticsearch https://username:[email protected]:9200

  • where username has been granted write privileges to testssl-* indexes

bionicspy, Dec 28 '17 14:12
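An added example, not part of the original issue or the project's code: rather than appending to certifi's `cacert.pem` in place as in the workaround above, this Python code writes a separate bundle built from it, leaving the shared certifi file untouched and skipping CAs that are already present so repeated runs do not duplicate entries. The function names and the output name `es-bundle.pem` are assumptions, and the demo runs on constructed placeholder PEM blocks, not real certificates.

```python
import base64
import hashlib
import re
import ssl
import tempfile
from pathlib import Path

# Matches one PEM certificate block, ignoring comment lines between blocks.
PEM_RE = re.compile(r"-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----", re.S)

def pem_blocks(text):
    return PEM_RE.findall(text)

def fingerprint(pem):
    """SHA-256 of the decoded bytes, so line wrapping does not matter."""
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(pem)).hexdigest()

def build_bundle(base_bundle, extra_ca_files, out_path):
    """Merge private CAs into a copy of base_bundle; return how many were added."""
    base_text = Path(base_bundle).read_text(encoding="utf-8")  # read only
    seen = {fingerprint(b) for b in pem_blocks(base_text)}
    added = []
    for ca_file in extra_ca_files:
        blocks = pem_blocks(Path(ca_file).read_text(encoding="utf-8"))
        if not blocks:
            raise ValueError(f"{ca_file}: no PEM certificate found")
        for block in blocks:
            fp = fingerprint(block)
            if fp not in seen:  # skip CAs the bundle already trusts
                seen.add(fp)
                added.append(block)
    merged = "\n".join([base_text.rstrip("\n"), *added]) + "\n"
    Path(out_path).write_text(merged, encoding="utf-8")
    return len(added)

def demo():
    """Constructed placeholder PEM blocks (not real certificates)."""
    def fake(payload):
        b64 = base64.b64encode(payload).decode()
        return f"-----BEGIN CERTIFICATE-----\n{b64}\n-----END CERTIFICATE-----\n"
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp)
        (d / "cacert.pem").write_text("# public roots\n" + fake(b"public-root"))
        (d / "root-ca.pem").write_text(fake(b"private-root"))
        (d / "intermediate-ca.pem").write_text(fake(b"private-intermediate"))
        extras = [d / "root-ca.pem", d / "intermediate-ca.pem"]
        first = build_bundle(d / "cacert.pem", extras, d / "es-bundle.pem")
        second = build_bundle(d / "es-bundle.pem", extras, d / "es-bundle.pem")
        total = len(pem_blocks((d / "es-bundle.pem").read_text()))
    return first, second, total
```

With certifi installed, `certifi.where()` gives the base bundle path, and the merged file can be loaded with `ssl.create_default_context(cafile=...)`. How the import script would be pointed at that file is not covered by the issue.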