Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pass ServerName in the ConnInfo packet #9

Merged
merged 1 commit into from
Jun 1, 2020
Merged

Pass ServerName in the ConnInfo packet #9

merged 1 commit into from
Jun 1, 2020

Conversation

blakerouse
Copy link
Contributor

To easy the process of selecting the correct TLS certificate for the incoming connection on the Elastic Agent side a unique ServerName will be generated per spawned applications. When that client connects back to the Elastic Agent with that ServerName the matching certificate will be required on the Elastic Agent side and be verified.

This means to connect back to Elastic Agent you need 5 things for it to accept the connection:

  1. Unique Token
  2. Root CA
  3. Unique Server Name
  4. Peer Private Key
  5. Peer Private Cert

The unique token is not used as the ServerName because I want to ensure that is always encrypted and in a verified connection before it is sent back.

@blakerouse blakerouse mentioned this pull request May 29, 2020
Merged
4 tasks
@elasticmachine
Copy link
Collaborator

💚 Build Succeeded

Pipeline View Test View Changes Artifacts preview

Expand to view the summary

Build stats

  • Build Cause: [Pull request #9 opened]

  • Start Time: 2020-05-29T21:42:53.834+0000

  • Duration: 5 min 29 sec

@blakerouse blakerouse requested a review from a team June 1, 2020 15:26
@ph ph added the Team:Elastic-Agent Label for the Agent team label Jun 1, 2020
michalpristas
michalpristas approved these changes Jun 1, 2020
View reviewed changes
Copy link
Contributor

@michalpristas michalpristas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@blakerouse blakerouse merged commit d6a9eb4 into elastic:master Jun 1, 2020
@blakerouse blakerouse deleted the server-name-conn-info branch June 1, 2020 15:57
v1v pushed a commit to v1v/elastic-agent-client that referenced this pull request Sep 5, 2022
@kvch
Merge pull request elastic#9 from elastic/kuisathaverat-patch-1
79c685a 
fix: Use the workspace as HOME
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@michalpristas michalpristas michalpristas approved these changes

@ph ph ph approved these changes

Assignees
No one assigned
Labels
Team:Elastic-Agent Label for the Agent team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@blakerouse @elasticmachine @ph @michalpristas