the great ssl refactor

2026-06-16 07:08:41 +02:00 · 2025-12-11 17:30:06 -05:00
parent 545060103a
commit b9ff1704b0
58 changed files with 1236 additions and 1159 deletions
@@ -1,3 +1,8 @@
+# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
+# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
+# https://securityonion.net/license; you may not use this file except in compliance with the
+# Elastic License 2.0.
+
 trusttheca:
  file.absent:
    - name: /etc/pki/tls/certs/intca.crt
@@ -14,6 +19,14 @@ influxdb_crt:
  file.absent:
    - name: /etc/pki/influxdb.crt

+telegraf_key:
+  file.absent:
+    - name: /etc/pki/telegraf.key
+
+telegraf_crt:
+  file.absent:
+    - name: /etc/pki/telegraf.crt
+
 redis_key:
  file.absent:
    - name: /etc/pki/redis.key
@@ -42,11 +55,13 @@ registry_crt:
  file.absent:
    - name: /etc/pki/registry.crt

-/etc/pki/elasticsearch.key:
-  file.absent: []
+elasticsearch_key:
+  file.absent:
+    - name: /etc/pki/elasticsearch.key

-/etc/pki/elasticsearch.crt:
-  file.absent: []
+elasticsearch_crt:
+  file.absent:
+    - name: /etc/pki/elasticsearch.crt

 remove_elasticsearch.p12:
  file.absent:
@@ -75,6 +90,7 @@ fbcertdir:
 kafka_crt:
  file.absent:
    - name: /etc/pki/kafka.crt
+
 kafka_key:
  file.absent:
    - name: /etc/pki/kafka.key
@@ -82,9 +98,67 @@ kafka_key:
 kafka_logstash_crt:
  file.absent:
    - name: /etc/pki/kafka-logstash.crt
+
 kafka_logstash_key:
  file.absent:
    - name: /etc/pki/kafka-logstash.key
+
 kafka_logstash_keystore:
  file.absent:
    - name: /etc/pki/kafka-logstash.p12
+
+elasticfleet_agent_crt:
+  file.absent:
+    - name: /etc/pki/elasticfleet-agent.crt
+
+elasticfleet_agent_key:
+  file.absent:
+    - name: /etc/pki/elasticfleet-agent.key
+
+elasticfleet_agent_p8:
+  file.absent:
+    - name: /etc/pki/elasticfleet-agent.p8
+
+elasticfleet_kafka_crt:
+  file.absent:
+    - name: /etc/pki/elasticfleet-kafka.crt
+
+elasticfleet_kafka_key:
+  file.absent:
+    - name: /etc/pki/elasticfleet-kafka.key
+
+elasticfleet_logstash_crt:
+  file.absent:
+    - name: /etc/pki/elasticfleet-logstash.crt
+
+elasticfleet_logstash_key:
+  file.absent:
+    - name: /etc/pki/elasticfleet-logstash.key
+
+elasticfleet_logstash_p8:
+  file.absent:
+    - name: /etc/pki/elasticfleet-logstash.p8
+
+elasticfleet_lumberjack_crt:
+  file.absent:
+    - name: /etc/pki/elasticfleet-lumberjack.crt
+
+elasticfleet_lumberjack_key:
+  file.absent:
+    - name: /etc/pki/elasticfleet-lumberjack.key
+
+elasticfleet_lumberjack_p8:
+  file.absent:
+    - name: /etc/pki/elasticfleet-lumberjack.p8
+
+elasticfleet_server_crt:
+  file.absent:
+    - name: /etc/pki/elasticfleet-server.crt
+
+elasticfleet_server_key:
+  file.absent:
+    - name: /etc/pki/elasticfleet-server.key
+
+filebeat_p8:
+  file.absent:
+    - name: /etc/pki/filebeat.p8