Fix code scanning alert - Disabled TLS certificate check #44

xco-sk · 2022-10-27T11:08:38Z

Currently, the Kibana client falls back to InsecureSkipVerify if the certificate is not defined in the config and the URL starts with https://. While this was fine for testing, the production code should raise an exception in such a case, navigating the user to properly configure the certificate used for communication with Kibana.

Tracking issue for:

https://github.com/xco-sk/eck-custom-resources/security/code-scanning/1

The text was updated successfully, but these errors were encountered:

…d-tls-certificate-check #44 Fix code scanning alert - Disabled TLS certificate check

xco-sk added bug Something isn't working kibana labels Oct 27, 2022

xco-sk self-assigned this Oct 27, 2022

xco-sk pushed a commit that referenced this issue Oct 27, 2022

#44 Fix code scanning alert - Disabled TLS certificate check

f009180

xco-sk linked a pull request Oct 27, 2022 that will close this issue

#44 Fix code scanning alert - Disabled TLS certificate check #45

Merged

xco-sk closed this as completed in #45 Oct 27, 2022

xco-sk added a commit that referenced this issue Oct 27, 2022

Merge pull request #45 from xco-sk/44-fix-code-scanning-alert-disable…

8b8ee1e

…d-tls-certificate-check #44 Fix code scanning alert - Disabled TLS certificate check

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix code scanning alert - Disabled TLS certificate check #44

Fix code scanning alert - Disabled TLS certificate check #44

xco-sk commented Oct 27, 2022 •

edited

Loading

Fix code scanning alert - Disabled TLS certificate check #44

Fix code scanning alert - Disabled TLS certificate check #44

Comments

xco-sk commented Oct 27, 2022 • edited Loading

xco-sk commented Oct 27, 2022 •

edited

Loading