elastic / uptime

This project includes resources and general issue tracking for the Elastic Uptime solution

[Synthetics UI] TLS UI should be oriented around SANs, not CNs #464

Open andrewvc opened 2 years ago

andrewvc commented 2 years ago

Our current TLS UI (pictured below) has a row per certificate, prominently featuring the CommonName field, which is deprecated in favor of SANs in modern TLS. Chrome, in fact, requires SANs in all certs. It's also common to have long lists of SANs (whereby the cert applies to multiple sites), sometimes in the thousands.

I propose that we improve the TLS view by:

  1. Showing the first 3 SANs in the table instead of the CN, with (+ 34 more) if there are additional SANs. If the user has entered a query in the search bar, that SAN would be included as the first SAN (maybe even highlighted).
  2. Providing a way to expand the full list of SANs, possibly by adding a drawer to each row.

The current page is pictured below:

image

Dealing with performance / storage implications of indexing all SANs

This dovetails with https://github.com/elastic/synthetics/issues/466, where we removed the SAN list from synthetics checks, since these could often be quite large, sometimes hundreds of KiB. In an ideal world we wouldn't duplicate SAN data so much.

To beat these space requirements I propose we edit the mappings to:

  1. Stop storing the SANs in the ES doc _source
  2. Continue indexing them as keywords

That should dramatically reduce the storage space required since the ES index will de-duplicate the subject alternative names.
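The proposal above, sketched as an added example (not code from the issue or from the Elastic code base): a mapping that indexes SANs as keywords while excluding them from `_source`, the search body that then has to request them from doc values, and the "first 3 SANs (+ N more)" table cell built from that response. The field name `tls.server.x509.alternative_names` is assumed from ECS, and the function names and sample hit are constructed for illustration.

```javascript
// Assumed field name (ECS); the issue itself does not name the field.
const SAN_FIELD = 'tls.server.x509.alternative_names';

// Index mapping: SANs stay searchable as keywords but are kept out of _source.
function sanIndexMapping() {
  return {
    mappings: {
      _source: { excludes: [SAN_FIELD] },
      properties: { [SAN_FIELD]: { type: 'keyword' } },
    },
  };
}

// Search body: SANs are absent from _source, so request them from doc values.
function sanSearchBody(query) {
  return {
    query: query ? { term: { [SAN_FIELD]: query } } : { match_all: {} },
    docvalue_fields: [SAN_FIELD],
  };
}

// Table cell: SANs matching the search come first, then up to `limit` are shown.
function summarizeSans(hit, query = '', limit = 3) {
  // Values arrive under hit.fields, not hit._source; a cert may have none.
  const sans = [...new Set((hit.fields && hit.fields[SAN_FIELD]) || [])];
  const q = query.trim().toLowerCase();
  const matched = q ? sans.filter((s) => s.toLowerCase().includes(q)) : [];
  const ordered = [...matched, ...sans.filter((s) => !matched.includes(s))];
  const shown = ordered.slice(0, limit);
  const remaining = ordered.length - shown.length;
  const label = shown.join(', ') + (remaining > 0 ? ` (+ ${remaining} more)` : '');
  return { shown, remaining, matched, label };
}

// Constructed sample hit: nothing SAN-related in _source, values under `fields`.
const sampleHit = {
  _source: {},
  fields: {
    [SAN_FIELD]: ['a.example.com', 'b.example.com', 'c.example.com',
      'd.example.com', 'e.example.com'],
  },
};

console.log(summarizeSans(sampleHit, 'd.example.com').label);
```

Because the field is excluded from `_source`, anything that rebuilds documents from `_source` (reindex, update) loses the SAN values, so the original data must remain available elsewhere if they need to be re-indexed.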