(from github.com/crpgbogor)
Hi, how can we enable ssl/https? I red somewhere in the docs that we can enable port 8443 in the conf/server.xml. But, where can we deploy our ssl cert? Thanks!
(from github.com/marevol)
We expect to use Web server, such as Apache, as a reverse proxy to enable ssl.
(from github.com/robinComa)
Hello all,
I want an end to end security between FESS and elasticsearch.
So the reverse proxy solution is not good for my case.
Have you got a solution?
Do you plan something for next release?
Thanks,
(from github.com/marevol)
This issue also described a communication between users and Fess.
For Fess<->Elasticsearch and Elasticsearch<->Elasticsearch, I think that it’s better to use a closed internal network/devices.
If you need to use SSL/TLS, a solution may be X-Pack.
(from github.com/robinComa)
Thanks for answer.
My Elasticsearch cluster is already SSL secured. Now I need to configure FESS to connect to it, but I don’t see the SSL settings (certificates, etc…) in FESS. Any idea?
(from github.com/marevol)
TransportClient in Fess may be able to configure SSL/TLS setting, but I cannot try it…
I think that a simple way is: (installing Fess and Elasticserch into the same server)
Fess(Host1)<-local(plain)->Elasticsearch(Host1)<-tls->Elasticsearch Cluster(Others)
I’m not sure that x-pack uses http/transport with/without ssl/tls at the same time…
(from github.com/robinComa)
Ok, if I fork the project and I find a solution, could I offer a pull request?
(from github.com/Dave-c-Ross)
Hi @robinComa I’m realy interested about this feature, did you find a way to use an Elastic cluster with X-Pack/SSL and FESS ?
(from github.com/acossette1979)
We have request the commercial version to create a version to support xpack but it is not working with SSL/TLS on the ES transport. I’m looking into it now. @robinComa
(from github.com/robinComa)
Hello @Dave-c-Ross and @acossette1979
We achieve it on our private repository.
I will do a PR to the official repo next week.
@marevol , Will you be able to merge it if the code is ok?
(from github.com/marevol)
Any PR is welcome, but for dependencies to X-Pack, we will be not able to merge it. X-Pack is not OSS…
(from acossette1979 (Amélie) · GitHub)
nice perfect.
Thank you very much.
On Thu, Mar 22, 2018, 17:52 Robin Coma Delperier, notifications@github.com
wrote:
Hello @Dave-c-Ross https://github.com/dave-c-ross and @acossette1979
https://github.com/acossette1979
We achieve it on our private repository.
I will do a PR to the official repo next week.
@marevol https://github.com/marevol , Will you be able to merge it if
the code is ok?—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/codelibs/fess/issues/1162#issuecomment-375469738, or mute
the thread
https://github.com/notifications/unsubscribe-auth/AWGlIW_PE4qIuyTReUsTu9y_Er3vfRmqks5thB0RgaJpZM4OXQNK
.
(from github.com/robinComa)
Hello @marevol I propose this PR :
https://github.com/codelibs/fess/pull/1610
What do you think about it?
Hope this is your point @acossette1979
(from github.com/marevol)
I removed modifications for CurlHelper because it’s supported in fess-xpack.
For X-Pack support, see https://github.com/codelibs/fess-xpack.