From 2912829411867d221c13b35f37ab6aa0aac2edd7 Mon Sep 17 00:00:00 2001 From: Claire Date: Wed, 7 Feb 2024 13:09:43 +0100 Subject: [PATCH] Add support for specifying custom CA cert for Elasticsearch (#29122) --- config/initializers/chewy.rb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/config/initializers/chewy.rb b/config/initializers/chewy.rb index 076f383324..0fb311dbb3 100644 --- a/config/initializers/chewy.rb +++ b/config/initializers/chewy.rb @@ -7,6 +7,9 @@ user = ENV.fetch('ES_USER', nil).presence password = ENV.fetch('ES_PASS', nil).presence fallback_prefix = ENV.fetch('REDIS_NAMESPACE', nil).presence prefix = ENV.fetch('ES_PREFIX') { fallback_prefix } +ca_file = ENV.fetch('ES_CA_CERT', nil).presence + +transport_options = { ssl: { ca_file: ca_file } } if ca_file.present? Chewy.settings = { host: "#{host}:#{port}", @@ -18,6 +21,7 @@ Chewy.settings = { index: { number_of_replicas: ['single_node_cluster', nil].include?(ENV['ES_PRESET'].presence) ? 0 : 1, }, + transport_options: transport_options, } # We use our own async strategy even outside the request-response