From 551617bd322e2b855ccf19375650348fda77938a Mon Sep 17 00:00:00 2001 From: thiagoftsm Date: Mon, 29 Jul 2019 12:27:32 +0000 Subject: Add configurable default locations for trusted CA certificates (#6549) * sslcertificate: Trust certificate The netdata could not allow invalid certificate or certificate with invalid chain this commit fixes this! * sslcertificate: Changing name We are binging the same names used by the OpenSSL library to simplify the understand of the parameters * sslcertificate: Name changes and explicity directory This commit fix the problem with Streams and rename correctly the files in the option, it also uses stat to define the existence of a file * sslcertificate: Documentation Fix grammar for the newest section in the documentation * sslcertificate: Rename variables The old variables did not represent well what they are doing, so it was renamed --- streaming/stream.conf | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'streaming/stream.conf') diff --git a/streaming/stream.conf b/streaming/stream.conf index 0d360cc24f..fdff1f25fc 100644 --- a/streaming/stream.conf +++ b/streaming/stream.conf @@ -41,6 +41,22 @@ # #ssl skip certificate verification = yes + # Certificate Authority Path + # + # OpenSSL has a default directory where the known certificates are stored, + # case it is necessary it is possible to change this rule using the variable + # "CApath" + # + #CApath = /etc/ssl/certs/ + + # Certificate Authority file + # + # When the Netdata master has certificate, that is not recognized as valid, + # we can add this certificate in the list of known certificates in CApath + # and give for Netdata as argument. + # + #CAfile = /etc/ssl/certs/cert.pem + # The API_KEY to use (as the sender) api key = -- cgit v1.2.3