From 66a2c7dc43baa11d428b26c0df9c21ca39aa781f Mon Sep 17 00:00:00 2001 From: Alexandra Doak Date: Wed, 30 Oct 2024 12:20:40 -0700 Subject: [PATCH 1/2] Removing xpack.actions.customHostSettings.ssl.rejectUnauthorized --- docs/settings/alert-action-settings.asciidoc | 5 --- x-pack/plugins/actions/server/index.test.ts | 8 +--- x-pack/plugins/actions/server/index.ts | 43 +------------------- 3 files changed, 4 insertions(+), 52 deletions(-) diff --git a/docs/settings/alert-action-settings.asciidoc b/docs/settings/alert-action-settings.asciidoc index db36248ef194f..0d800529dc337 100644 --- a/docs/settings/alert-action-settings.asciidoc +++ b/docs/settings/alert-action-settings.asciidoc @@ -112,11 +112,6 @@ A boolean value indicating that TLS must be used for this connection. The options `smtp.ignoreTLS` and `smtp.requireTLS` can not both be set to true. Default: `false`. -`xpack.actions.customHostSettings[n].ssl.rejectUnauthorized`:: -deprecated:[8.0.0] Use <> instead. A boolean value indicating whether to bypass server certificate validation. -Overrides the general `xpack.actions.rejectUnauthorized` configuration -for requests made for this hostname/port. - [[action-config-custom-host-verification-mode]] `xpack.actions.customHostSettings[n].ssl.verificationMode` {ess-icon}:: Controls the verification of the server certificate that {kib} receives when making an outbound SSL/TLS connection to the host server. Valid values are `full`, `certificate`, and `none`. Use `full` to perform hostname verification, `certificate` to skip hostname verification, and `none` to skip verification. Default: `full`. <>. Overrides the general `xpack.actions.ssl.verificationMode` configuration diff --git a/x-pack/plugins/actions/server/index.test.ts b/x-pack/plugins/actions/server/index.test.ts index 43f69da15de2f..e12814daaa9f4 100644 --- a/x-pack/plugins/actions/server/index.test.ts +++ b/x-pack/plugins/actions/server/index.test.ts @@ -42,18 +42,14 @@ describe('index', () => { proxyRejectUnauthorizedCertificates: false, }); expect(changedPaths.unset).toStrictEqual([ - 'xpack.actions.customHostSettings.ssl.rejectUnauthorized', 'xpack.actions.rejectUnauthorized', 'xpack.actions.proxyRejectUnauthorizedCertificates', ]); - expect(messages.length).toBe(3); + expect(messages.length).toBe(2); expect(messages[0]).toBe( - '"xpack.actions.customHostSettings[].ssl.rejectUnauthorized" is deprecated.Use "xpack.actions.customHostSettings[].ssl.verificationMode" instead, with the setting "verificationMode:full" eql to "rejectUnauthorized:true", and "verificationMode:none" eql to "rejectUnauthorized:false".' - ); - expect(messages[1]).toBe( '"xpack.actions.rejectUnauthorized" is deprecated. Use "xpack.actions.ssl.verificationMode" instead, with the setting "verificationMode:full" eql to "rejectUnauthorized:true", and "verificationMode:none" eql to "rejectUnauthorized:false".' ); - expect(messages[2]).toBe( + expect(messages[1]).toBe( '"xpack.actions.proxyRejectUnauthorizedCertificates" is deprecated. Use "xpack.actions.ssl.proxyVerificationMode" instead, with the setting "proxyVerificationMode:full" eql to "rejectUnauthorized:true",and "proxyVerificationMode:none" eql to "rejectUnauthorized:false".' ); }); diff --git a/x-pack/plugins/actions/server/index.ts b/x-pack/plugins/actions/server/index.ts index 1d5aa22ba07cf..26af254dfdd35 100644 --- a/x-pack/plugins/actions/server/index.ts +++ b/x-pack/plugins/actions/server/index.ts @@ -7,7 +7,7 @@ import { get } from 'lodash'; import type { PublicMethodsOf } from '@kbn/utility-types'; import { PluginInitializerContext, PluginConfigDescriptor } from '@kbn/core/server'; -import { configSchema, ActionsConfig, CustomHostSettings } from './config'; +import { configSchema, ActionsConfig } from './config'; import { ActionsClient as ActionsClientClass } from './actions_client'; import { ActionsAuthorization as ActionsAuthorizationClass } from './authorization/actions_authorization'; @@ -51,46 +51,7 @@ export const config: PluginConfigDescriptor = { exposeToBrowser: { email: { domain_allowlist: true }, }, - deprecations: ({ renameFromRoot, unused }) => [ - renameFromRoot('xpack.actions.whitelistedHosts', 'xpack.actions.allowedHosts', { - level: 'warning', - }), - (settings, fromPath, addDeprecation) => { - const actions = get(settings, fromPath); - const customHostSettings = actions?.customHostSettings ?? []; - if ( - customHostSettings.find( - (customHostSchema: CustomHostSettings) => - Object.hasOwn(customHostSchema, 'ssl') && - Object.hasOwn(customHostSchema.ssl ?? {}, 'rejectUnauthorized') - ) - ) { - addDeprecation({ - level: 'warning', - configPath: 'xpack.actions.customHostSettings.ssl.rejectUnauthorized', - message: - `"xpack.actions.customHostSettings[].ssl.rejectUnauthorized" is deprecated.` + - `Use "xpack.actions.customHostSettings[].ssl.verificationMode" instead, ` + - `with the setting "verificationMode:full" eql to "rejectUnauthorized:true", ` + - `and "verificationMode:none" eql to "rejectUnauthorized:false".`, - correctiveActions: { - manualSteps: [ - `Remove "xpack.actions.customHostSettings[].ssl.rejectUnauthorized" from your kibana configs.`, - `Use "xpack.actions.customHostSettings[].ssl.verificationMode" ` + - `with the setting "verificationMode:full" eql to "rejectUnauthorized:true", ` + - `and "verificationMode:none" eql to "rejectUnauthorized:false".`, - ], - }, - }); - return { - unset: [ - { - path: `xpack.actions.customHostSettings.ssl.rejectUnauthorized`, - }, - ], - }; - } - }, + deprecations: () => [ (settings, fromPath, addDeprecation) => { const actions = get(settings, fromPath); if (Object.hasOwn(actions ?? {}, 'rejectUnauthorized')) { From 961356c4b33c03cc64d4728be2b7765f07a47acc Mon Sep 17 00:00:00 2001 From: Alexandra Doak Date: Wed, 30 Oct 2024 13:00:55 -0700 Subject: [PATCH 2/2] Removing xpack.actions.rejectUnauthorized --- docs/settings/alert-action-settings.asciidoc | 6 ---- .../resources/base/bin/kibana-docker | 1 - .../actions_client/actions_client.test.ts | 1 - .../actions/server/actions_config.test.ts | 1 - .../plugins/actions/server/actions_config.ts | 3 +- x-pack/plugins/actions/server/config.test.ts | 4 --- x-pack/plugins/actions/server/config.ts | 8 ------ x-pack/plugins/actions/server/index.test.ts | 8 +----- x-pack/plugins/actions/server/index.ts | 28 ------------------- .../axios_utils_connection.test.ts | 2 -- .../axios_utils_proxy.test.ts | 2 -- .../server/lib/custom_host_settings.test.ts | 12 -------- .../actions/server/lib/get_custom_agents.ts | 5 +--- x-pack/plugins/actions/server/plugin.test.ts | 3 -- .../alerting_api_integration/common/config.ts | 2 -- .../actions/connector_types/stack/webhook.ts | 18 ------------ .../actions/connector_types/stack/webhook.ts | 18 ------------ 17 files changed, 3 insertions(+), 119 deletions(-) diff --git a/docs/settings/alert-action-settings.asciidoc b/docs/settings/alert-action-settings.asciidoc index 0d800529dc337..e56450143dc08 100644 --- a/docs/settings/alert-action-settings.asciidoc +++ b/docs/settings/alert-action-settings.asciidoc @@ -200,12 +200,6 @@ deprecated:[8.0.0] Use <>. -`xpack.actions.rejectUnauthorized` {ess-icon}:: -deprecated:[8.0.0] Use <> instead. Set to `false` to bypass certificate validation for actions. Default: `true`. -+ -As an alternative to setting `xpack.actions.rejectUnauthorized`, you can use the setting -`xpack.actions.customHostSettings` to set SSL options for specific servers. - [[action-config-verification-mode]] `xpack.actions.ssl.verificationMode` {ess-icon}:: Controls the verification for the server certificate that {hosted-ems} receives when making an outbound SSL/TLS connection for actions. Valid values are `full`, `certificate`, and `none`. Use `full` to perform hostname verification, `certificate` to skip hostname verification, and `none` to skip verification. Default: `full`. <>. diff --git a/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker b/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker index fbe64258a5704..1cc46034e1743 100755 --- a/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker +++ b/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker @@ -223,7 +223,6 @@ kibana_vars=( xpack.actions.proxyOnlyHosts xpack.actions.proxyRejectUnauthorizedCertificates xpack.actions.proxyUrl - xpack.actions.rejectUnauthorized xpack.actions.responseTimeout xpack.actions.ssl.proxyVerificationMode xpack.actions.ssl.verificationMode diff --git a/x-pack/plugins/actions/server/actions_client/actions_client.test.ts b/x-pack/plugins/actions/server/actions_client/actions_client.test.ts index 7f15dd6287d6b..e82f7b491ec2d 100644 --- a/x-pack/plugins/actions/server/actions_client/actions_client.test.ts +++ b/x-pack/plugins/actions/server/actions_client/actions_client.test.ts @@ -600,7 +600,6 @@ describe('create()', () => { preconfiguredAlertHistoryEsIndex: false, preconfigured: {}, proxyRejectUnauthorizedCertificates: true, // legacy - rejectUnauthorized: true, // legacy proxyBypassHosts: undefined, proxyOnlyHosts: undefined, maxResponseContentLength: new ByteSizeValue(1000000), diff --git a/x-pack/plugins/actions/server/actions_config.test.ts b/x-pack/plugins/actions/server/actions_config.test.ts index a6966e0e85c40..f7542473e6f9d 100644 --- a/x-pack/plugins/actions/server/actions_config.test.ts +++ b/x-pack/plugins/actions/server/actions_config.test.ts @@ -31,7 +31,6 @@ const defaultActionsConfig: ActionsConfig = { preconfiguredAlertHistoryEsIndex: false, preconfigured: {}, proxyRejectUnauthorizedCertificates: true, // legacy - rejectUnauthorized: true, // legacy maxResponseContentLength: new ByteSizeValue(1000000), responseTimeout: moment.duration(60000), ssl: { diff --git a/x-pack/plugins/actions/server/actions_config.ts b/x-pack/plugins/actions/server/actions_config.ts index e77c0528d16a1..bfed06282a99c 100644 --- a/x-pack/plugins/actions/server/actions_config.ts +++ b/x-pack/plugins/actions/server/actions_config.ts @@ -200,8 +200,7 @@ export function getActionsConfigurationUtilities( isActionTypeEnabled, getProxySettings: () => getProxySettingsFromConfig(config), getResponseSettings: () => getResponseSettingsFromConfig(config), - getSSLSettings: () => - getSSLSettingsFromConfig(config.ssl?.verificationMode, config.rejectUnauthorized), + getSSLSettings: () => getSSLSettingsFromConfig(config.ssl?.verificationMode), ensureUriAllowed(uri: string) { if (!isUriAllowed(uri)) { throw new Error(allowListErrorMessage(AllowListingField.URL, uri)); diff --git a/x-pack/plugins/actions/server/config.test.ts b/x-pack/plugins/actions/server/config.test.ts index 5adc9c18b07a7..a3dfa17a68566 100644 --- a/x-pack/plugins/actions/server/config.test.ts +++ b/x-pack/plugins/actions/server/config.test.ts @@ -36,7 +36,6 @@ describe('config validation', () => { "preconfigured": Object {}, "preconfiguredAlertHistoryEsIndex": false, "proxyRejectUnauthorizedCertificates": true, - "rejectUnauthorized": true, "responseTimeout": "PT1M", } `); @@ -54,7 +53,6 @@ describe('config validation', () => { }, }, proxyRejectUnauthorizedCertificates: false, - rejectUnauthorized: false, }; expect(configSchema.validate(config)).toMatchInlineSnapshot(` Object { @@ -83,7 +81,6 @@ describe('config validation', () => { }, "preconfiguredAlertHistoryEsIndex": false, "proxyRejectUnauthorizedCertificates": false, - "rejectUnauthorized": false, "responseTimeout": "PT1M", } `); @@ -219,7 +216,6 @@ describe('config validation', () => { "preconfigured": Object {}, "preconfiguredAlertHistoryEsIndex": false, "proxyRejectUnauthorizedCertificates": true, - "rejectUnauthorized": true, "responseTimeout": "PT1M", "ssl": Object { "proxyVerificationMode": "none", diff --git a/x-pack/plugins/actions/server/config.ts b/x-pack/plugins/actions/server/config.ts index d806bde1fa227..4f4536810bfa8 100644 --- a/x-pack/plugins/actions/server/config.ts +++ b/x-pack/plugins/actions/server/config.ts @@ -44,10 +44,6 @@ const customHostSettingsSchema = schema.object({ ), ssl: schema.maybe( schema.object({ - /** - * @deprecated in favor of `verificationMode` - **/ - rejectUnauthorized: schema.maybe(schema.boolean()), verificationMode: schema.maybe( schema.oneOf( [schema.literal('none'), schema.literal('certificate'), schema.literal('full')], @@ -102,10 +98,6 @@ export const configSchema = schema.object({ proxyRejectUnauthorizedCertificates: schema.boolean({ defaultValue: true }), proxyBypassHosts: schema.maybe(schema.arrayOf(schema.string({ hostname: true }))), proxyOnlyHosts: schema.maybe(schema.arrayOf(schema.string({ hostname: true }))), - /** - * @deprecated in favor of `ssl.verificationMode` - **/ - rejectUnauthorized: schema.boolean({ defaultValue: true }), ssl: schema.maybe( schema.object({ verificationMode: schema.maybe( diff --git a/x-pack/plugins/actions/server/index.test.ts b/x-pack/plugins/actions/server/index.test.ts index e12814daaa9f4..c9b01e42a2c7c 100644 --- a/x-pack/plugins/actions/server/index.test.ts +++ b/x-pack/plugins/actions/server/index.test.ts @@ -37,19 +37,13 @@ describe('index', () => { describe('deprecations', () => { it('should properly unset deprecated configs', () => { const { messages, changedPaths } = applyStackAlertDeprecations({ - customHostSettings: [{ ssl: { rejectUnauthorized: false } }], - rejectUnauthorized: false, proxyRejectUnauthorizedCertificates: false, }); expect(changedPaths.unset).toStrictEqual([ - 'xpack.actions.rejectUnauthorized', 'xpack.actions.proxyRejectUnauthorizedCertificates', ]); - expect(messages.length).toBe(2); + expect(messages.length).toBe(1); expect(messages[0]).toBe( - '"xpack.actions.rejectUnauthorized" is deprecated. Use "xpack.actions.ssl.verificationMode" instead, with the setting "verificationMode:full" eql to "rejectUnauthorized:true", and "verificationMode:none" eql to "rejectUnauthorized:false".' - ); - expect(messages[1]).toBe( '"xpack.actions.proxyRejectUnauthorizedCertificates" is deprecated. Use "xpack.actions.ssl.proxyVerificationMode" instead, with the setting "proxyVerificationMode:full" eql to "rejectUnauthorized:true",and "proxyVerificationMode:none" eql to "rejectUnauthorized:false".' ); }); diff --git a/x-pack/plugins/actions/server/index.ts b/x-pack/plugins/actions/server/index.ts index 26af254dfdd35..d2ea8b917ee20 100644 --- a/x-pack/plugins/actions/server/index.ts +++ b/x-pack/plugins/actions/server/index.ts @@ -52,34 +52,6 @@ export const config: PluginConfigDescriptor = { email: { domain_allowlist: true }, }, deprecations: () => [ - (settings, fromPath, addDeprecation) => { - const actions = get(settings, fromPath); - if (Object.hasOwn(actions ?? {}, 'rejectUnauthorized')) { - addDeprecation({ - level: 'warning', - configPath: `${fromPath}.rejectUnauthorized`, - message: - `"xpack.actions.rejectUnauthorized" is deprecated. Use "xpack.actions.ssl.verificationMode" instead, ` + - `with the setting "verificationMode:full" eql to "rejectUnauthorized:true", ` + - `and "verificationMode:none" eql to "rejectUnauthorized:false".`, - correctiveActions: { - manualSteps: [ - `Remove "xpack.actions.rejectUnauthorized" from your kibana configs.`, - `Use "xpack.actions.ssl.verificationMode" ` + - `with the setting "verificationMode:full" eql to "rejectUnauthorized:true", ` + - `and "verificationMode:none" eql to "rejectUnauthorized:false".`, - ], - }, - }); - return { - unset: [ - { - path: `xpack.actions.rejectUnauthorized`, - }, - ], - }; - } - }, (settings, fromPath, addDeprecation) => { const actions = get(settings, fromPath); if (Object.hasOwn(actions ?? {}, 'proxyRejectUnauthorizedCertificates')) { diff --git a/x-pack/plugins/actions/server/integration_tests/axios_utils_connection.test.ts b/x-pack/plugins/actions/server/integration_tests/axios_utils_connection.test.ts index 200656d339ac3..14412ed9f946f 100644 --- a/x-pack/plugins/actions/server/integration_tests/axios_utils_connection.test.ts +++ b/x-pack/plugins/actions/server/integration_tests/axios_utils_connection.test.ts @@ -461,7 +461,6 @@ async function rejectUnauthorizedTargetProxyTest(opts: RunTestOptions) { await runWithSetup(opts, async (target, proxyInstance, axiosDefaults) => { const acu = getACUfromConfig({ proxyUrl: proxyInstance.url, - rejectUnauthorized: false, customHostSettings: [{ url: target.url, ssl: { verificationMode: 'none' } }], }); @@ -683,7 +682,6 @@ const BaseActionsConfig: ActionsConfig = { }, proxyBypassHosts: undefined, proxyOnlyHosts: undefined, - rejectUnauthorized: true, maxResponseContentLength: ByteSizeValue.parse('1mb'), responseTimeout: momentDuration(1000 * 30), customHostSettings: undefined, diff --git a/x-pack/plugins/actions/server/integration_tests/axios_utils_proxy.test.ts b/x-pack/plugins/actions/server/integration_tests/axios_utils_proxy.test.ts index f29b2a9855186..027b7a87db797 100644 --- a/x-pack/plugins/actions/server/integration_tests/axios_utils_proxy.test.ts +++ b/x-pack/plugins/actions/server/integration_tests/axios_utils_proxy.test.ts @@ -366,7 +366,6 @@ async function rejectUnauthorizedTargetProxyTest(opts: RunTestOptions) { await runWithSetup(opts, async (target, proxyInstance, axiosDefaults) => { const acu = getACUfromConfig({ proxyUrl: proxyInstance.url, - rejectUnauthorized: false, customHostSettings: [{ url: target.url, ssl: { verificationMode: 'none' } }], }); @@ -589,7 +588,6 @@ const BaseActionsConfig: ActionsConfig = { }, proxyBypassHosts: undefined, proxyOnlyHosts: undefined, - rejectUnauthorized: true, maxResponseContentLength: ByteSizeValue.parse('1mb'), responseTimeout: momentDuration(1000 * 30), customHostSettings: undefined, diff --git a/x-pack/plugins/actions/server/lib/custom_host_settings.test.ts b/x-pack/plugins/actions/server/lib/custom_host_settings.test.ts index 818d7fb9bcd0a..e374fb4ce076b 100644 --- a/x-pack/plugins/actions/server/lib/custom_host_settings.test.ts +++ b/x-pack/plugins/actions/server/lib/custom_host_settings.test.ts @@ -75,7 +75,6 @@ describe('custom_host_settings', () => { preconfiguredAlertHistoryEsIndex: false, preconfigured: {}, proxyRejectUnauthorizedCertificates: true, - rejectUnauthorized: true, maxResponseContentLength: new ByteSizeValue(1000000), responseTimeout: moment.duration(60000), enableFooterInEmail: true, @@ -116,14 +115,12 @@ describe('custom_host_settings', () => { url: 'https://elastic.co:443', ssl: { certificateAuthoritiesData: 'xyz', - rejectUnauthorized: false, }, }, { url: 'smtp://mail.elastic.com:25', ssl: { certificateAuthoritiesData: 'abc', - rejectUnauthorized: true, }, smtp: { ignoreTLS: true, @@ -470,15 +467,9 @@ describe('custom_host_settings', () => { customHostSettings: [ { url: 'https://almost.purrfect.com/', - ssl: { - rejectUnauthorized: true, - }, }, { url: 'https://almost.purrfect.com:443', - ssl: { - rejectUnauthorized: false, - }, }, ], }; @@ -488,9 +479,6 @@ describe('custom_host_settings', () => { customHostSettings: [ { url: 'https://almost.purrfect.com:443', - ssl: { - rejectUnauthorized: true, - }, }, ], }; diff --git a/x-pack/plugins/actions/server/lib/get_custom_agents.ts b/x-pack/plugins/actions/server/lib/get_custom_agents.ts index 26b1495902eb1..c433bec18a54b 100644 --- a/x-pack/plugins/actions/server/lib/get_custom_agents.ts +++ b/x-pack/plugins/actions/server/lib/get_custom_agents.ts @@ -59,10 +59,7 @@ export function getCustomAgents( agentOptions.ca = sslSettings.certificateAuthoritiesData; } - const sslSettingsFromConfig = getSSLSettingsFromConfig( - sslSettings.verificationMode, - sslSettings.rejectUnauthorized - ); + const sslSettingsFromConfig = getSSLSettingsFromConfig(sslSettings.verificationMode); // see: src/core/server/elasticsearch/legacy/elasticsearch_client_config.ts // This is where the global rejectUnauthorized is overridden by a custom host const customHostNodeSSLOptions = getNodeSSLOptions( diff --git a/x-pack/plugins/actions/server/plugin.test.ts b/x-pack/plugins/actions/server/plugin.test.ts index 89efb80867fd7..f9ee1df17b76f 100644 --- a/x-pack/plugins/actions/server/plugin.test.ts +++ b/x-pack/plugins/actions/server/plugin.test.ts @@ -52,7 +52,6 @@ function getConfig(overrides = {}) { proxyRejectUnauthorizedCertificates: true, proxyBypassHosts: undefined, proxyOnlyHosts: undefined, - rejectUnauthorized: true, maxResponseContentLength: new ByteSizeValue(1000000), responseTimeout: moment.duration('60s'), enableFooterInEmail: true, @@ -77,7 +76,6 @@ describe('Actions Plugin', () => { preconfiguredAlertHistoryEsIndex: false, preconfigured: {}, proxyRejectUnauthorizedCertificates: true, - rejectUnauthorized: true, maxResponseContentLength: new ByteSizeValue(1000000), responseTimeout: moment.duration(60000), enableFooterInEmail: true, @@ -578,7 +576,6 @@ describe('Actions Plugin', () => { }, }, proxyRejectUnauthorizedCertificates: true, - rejectUnauthorized: true, maxResponseContentLength: new ByteSizeValue(1000000), responseTimeout: moment.duration(60000), enableFooterInEmail: true, diff --git a/x-pack/test/alerting_api_integration/common/config.ts b/x-pack/test/alerting_api_integration/common/config.ts index 3ff3def3f4b70..b950bec076e56 100644 --- a/x-pack/test/alerting_api_integration/common/config.ts +++ b/x-pack/test/alerting_api_integration/common/config.ts @@ -88,7 +88,6 @@ export function createTestConfig(name: string, options: CreateTestConfigOptions) verificationMode = 'full', preconfiguredAlertHistoryEsIndex = false, customizeLocalHostSsl = false, - rejectUnauthorized = true, // legacy emailDomainsAllowed = undefined, testFiles = undefined, reportName = undefined, @@ -212,7 +211,6 @@ export function createTestConfig(name: string, options: CreateTestConfigOptions) `--xpack.alerting.enableFrameworkAlerts=true`, `--xpack.alerting.rulesSettings.cacheInterval=10000`, `--xpack.actions.enabledActionTypes=${JSON.stringify(enabledActionTypes)}`, - `--xpack.actions.rejectUnauthorized=${rejectUnauthorized}`, `--xpack.actions.microsoftGraphApiUrl=${servers.kibana.protocol}://${servers.kibana.hostname}:${servers.kibana.port}/api/_actions-FTS-external-service-simulators/exchange/users/test@/sendMail`, `--xpack.actions.ssl.verificationMode=${verificationMode}`, ...actionsProxyUrl, diff --git a/x-pack/test/alerting_api_integration/spaces_only/tests/actions/connector_types/stack/webhook.ts b/x-pack/test/alerting_api_integration/spaces_only/tests/actions/connector_types/stack/webhook.ts index ad6a8d12baed3..9a1679253c6cd 100644 --- a/x-pack/test/alerting_api_integration/spaces_only/tests/actions/connector_types/stack/webhook.ts +++ b/x-pack/test/alerting_api_integration/spaces_only/tests/actions/connector_types/stack/webhook.ts @@ -100,24 +100,6 @@ export default function webhookTest({ getService }: FtrProviderContext) { }); describe('ssl customization', () => { - it('should handle the xpack.actions.rejectUnauthorized: false', async () => { - const connectorId = 'custom.ssl.noCustom'; - const port = await getPortOfConnector(connectorId); - const server = await createTlsWebhookServer(port); - const { status, body } = await supertest - .post(`/api/actions/connector/${connectorId}/_execute`) - .set('kbn-xsrf', 'test') - .send({ - params: { - body: 'foo', - }, - }); - expect(status).to.eql(200); - server.close(); - - expect(body.status).to.eql('ok'); - }); - it('should handle the customized rejectUnauthorized: false', async () => { const connectorId = 'custom.ssl.rejectUnauthorizedFalse'; const port = await getPortOfConnector(connectorId); diff --git a/x-pack/test/alerting_api_integration/spaces_only_legacy/tests/actions/connector_types/stack/webhook.ts b/x-pack/test/alerting_api_integration/spaces_only_legacy/tests/actions/connector_types/stack/webhook.ts index 0b5edc7d972a4..68c2a9f708990 100644 --- a/x-pack/test/alerting_api_integration/spaces_only_legacy/tests/actions/connector_types/stack/webhook.ts +++ b/x-pack/test/alerting_api_integration/spaces_only_legacy/tests/actions/connector_types/stack/webhook.ts @@ -124,24 +124,6 @@ export default function webhookTest({ getService }: FtrProviderContext) { }); describe('ssl customization', () => { - it('should handle the xpack.actions.rejectUnauthorized: false', async () => { - const connectorId = 'custom.ssl.noCustom'; - const port = await getPortOfConnector(connectorId); - const server = await createTlsWebhookServer(port); - const { status, body } = await supertest - .post(`/api/actions/connector/${connectorId}/_execute`) - .set('kbn-xsrf', 'test') - .send({ - params: { - body: 'foo', - }, - }); - expect(status).to.eql(200); - server.close(); - - expect(body.status).to.eql('ok'); - }); - it('should handle the customized rejectUnauthorized: false', async () => { const connectorId = 'custom.ssl.rejectUnauthorizedFalse'; const port = await getPortOfConnector(connectorId);