logstash-plugins / logstash-output-http

support (disabling) verify mode for TLS connection #119

Closed kares closed 2 years ago

kares commented 3 years ago

Some plugins have e.g. a `ssl_verify => peer` option to control certificate verification. However, the output does not provide such an option, as the http_client mixin lacks the necessary support.

Seems the option existed at some point, but was a noop.

https://github.com/logstash-plugins/logstash-mixin-http_client/issues/35

Manticore supports the :strict option as:

Hostname verification setting. Set to :disable to turn off hostname verification. Setting to :browser will cause Manticore to accept a certificate for `*.foo.com` for all subdomains and sub-subdomains (eg a.b.foo.com). The default :strict is like :browser except it'll only accept a single level of subdomains for wildcards, eg b.foo.com will be accepted for a `*.foo.com` certificate, but a.b.foo.com will not be.

p.s. Here's how Beats implements ssl.verification_mode, maybe something to consider while future proofing this for a "unified plugin TLS configuration" experience
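The three modes in the quoted description differ only in how a wildcard certificate name is matched against the requested host. The Ruby sketch below is an added example, not part of the issue and not Manticore's or the plugin's code; `hostname_acceptable?` and `verification_table` are hypothetical names, and the hosts are constructed samples.

```ruby
# Added illustration: models the hostname-verification modes exactly as the
# quoted description words them. It is NOT Manticore's implementation.
MODES = %i[strict browser disable].freeze

# True when `host` would be accepted for certificate name `cert_name`.
def hostname_acceptable?(cert_name, host, mode = :strict)
  raise ArgumentError, "unknown mode #{mode.inspect}" unless MODES.include?(mode)
  return true if mode == :disable # hostname check is skipped entirely

  cert_name = cert_name.downcase.chomp(".")
  host = host.downcase.chomp(".")
  return cert_name == host unless cert_name.start_with?("*.")

  suffix = cert_name[1..-1]               # "*.foo.com" -> ".foo.com"
  return false unless host.end_with?(suffix)

  covered = host[0...-suffix.length]      # labels the wildcard has to cover
  # Assumption: the wildcard must cover at least one label, so the bare
  # parent domain is not matched; the description does not address this case.
  return false if covered.empty?

  # :browser lets the wildcard span several labels, :strict exactly one.
  mode == :browser || !covered.include?(".")
end

# Result per mode for each host, for side-by-side comparison.
def verification_table(cert_name, hosts)
  hosts.to_h do |host|
    [host, MODES.to_h { |m| [m, hostname_acceptable?(cert_name, host, m)] }]
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample hosts, checked against one wildcard certificate name.
  hosts = %w[b.foo.com a.b.foo.com foo.com other.example]
  verification_table("*.foo.com", hosts).each do |host, row|
    cells = row.map { |m, ok| "#{m}=#{ok ? 'accept' : 'reject'}" }
    puts format("%-14s %s", host, cells.join("  "))
  end
end
```

The `disable` column accepts every host, including one unrelated to the certificate name, which is the trade-off an option exposing this mode has to document.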