I’m running ES / Kibana 6.7.1 and I’m getting the following warning in the 7.0 upgrade assistant:
TLS v1.0 has been removed from default TLS/SSL protocols These ssl contexts rely on the default TLS/SSL protocols: [searchguard.ssl] (nodes impacted: [list of all my nodes])
The documentation link just takes me to a page stating that TLS v1.0 has been removed, but I’ve got the following in my elasticsearch.yml
searchguard.ssl.http.enabled_protocols: - "TLSv1.1" - "TLSv1.2"
…so that doesn’t seem to be the problem.
Obviously I can’t upgrade anything yet until SG is released for 7.0, but I’m trying to fix as much pre-upgrade stuff as I can. Is this something I need to resolve myself, or will it be sorted with the 7.0 SG release?