add a variable to define elasticsearch.ssl.verificationMode in kibana

2020-05-28 11:18:21 +02:00 · 2020-05-28 11:18:21 +02:00 · 81c2df4fff
commit 81c2df4fff
parent 5603faa1f2
2 changed files with 2 additions and 1 deletions
--- a/roles/elastic-stack/ansible-kibana/defaults/main.yml
+++ b/roles/elastic-stack/ansible-kibana/defaults/main.yml
@ -26,6 +26,7 @@ wazuh_api_credentials:

 # Xpack Security
 kibana_xpack_security: false
+kibana_ssl_verification_mode: "full"

 elasticsearch_xpack_security_user: elastic
 elasticsearch_xpack_security_password: elastic_pass
--- a/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2
+++ b/roles/elastic-stack/ansible-kibana/templates/kibana.yml.j2
@ -110,7 +110,7 @@ elasticsearch.password: "{{ elasticsearch_xpack_security_password }}"
 server.ssl.enabled: true
 server.ssl.key: "{{node_certs_destination}}/{{ kibana_node_name }}.key"
 server.ssl.certificate: "{{node_certs_destination}}/{{ kibana_node_name }}.crt"
-elasticsearch.ssl.verificationMode: certificate
+elasticsearch.ssl.verificationMode: "{{ kibana_ssl_verification_mode }}"
 {% if generate_CA == true %}
 elasticsearch.ssl.certificateAuthorities: ["{{ node_certs_destination }}/ca.crt"]
 {% elif generate_CA == false %}