wazuh · mcasas993 · Dec 10, 2024 · Dec 10, 2024 · Dec 11, 2024 · Dec 12, 2024
@@ -179,6 +179,8 @@ testClusters.integTest {
     keystore 'm_api.auth.username', 'admin'
     keystore 'm_api.auth.password', 'test'
     keystore 'm_api.uri', 'https://127.0.0.1:55000' // base URI of the M_API
+    // add customized setting
+    setting 'ssl.http.pemtrustedcas_filepath', '/etc/wazuh-indexer/certs/root-ca.pem';
 }
 
 run {

@@ -165,7 +165,8 @@ public List<Setting<?>> getSettings() {
                 // Register API settings
                 PluginSettings.M_API_AUTH_USERNAME,
                 PluginSettings.M_API_AUTH_PASSWORD,
-                PluginSettings.M_API_URI);
+                PluginSettings.M_API_URI,
+                PluginSettings.WAZUH_INDEXER_CA_CERT_PATH);
     }
 
     @Override

@@ -78,8 +78,8 @@ public CompletableFuture<RestStatus> asyncCreate(Document document) {
                                     this.clusterService,
                                     CommandManagerPlugin.COMMAND_MANAGER_INDEX_TEMPLATE_NAME)) {
                                 IndexTemplateUtils.putIndexTemplate(
-                                    this.client,
-                                    CommandManagerPlugin.COMMAND_MANAGER_INDEX_TEMPLATE_NAME);
+                                        this.client,
+                                        CommandManagerPlugin.COMMAND_MANAGER_INDEX_TEMPLATE_NAME);
                             } else {
                                 log.info(
                                         "Index template {} already exists. Skipping creation.",

@@ -8,7 +8,6 @@
  */
 package com.wazuh.commandmanager.jobscheduler;
 
-import com.wazuh.commandmanager.utils.IndexTemplateUtils;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.opensearch.action.index.IndexRequest;
@@ -27,6 +26,7 @@
 import java.util.concurrent.ExecutorService;
 
 import com.wazuh.commandmanager.CommandManagerPlugin;
+import com.wazuh.commandmanager.utils.IndexTemplateUtils;
 
 /** Indexes the command job to the Jobs index. */
 public class JobDocument {
@@ -51,7 +51,12 @@ public static JobDocument getInstance() {
      * @return a CompletableFuture that will hold the IndexResponse.
      */
     public CompletableFuture<IndexResponse> create(
-        ClusterService clusterService, Client client, ThreadPool threadPool, String id, String jobName, Integer interval) {
+            ClusterService clusterService,
+            Client client,
+            ThreadPool threadPool,
+            String id,
+            String jobName,
+            Integer interval) {
         CompletableFuture<IndexResponse> completableFuture = new CompletableFuture<>();
         ExecutorService executorService = threadPool.executor(ThreadPool.Names.WRITE);
         CommandManagerJobParameter jobParameter =
@@ -67,13 +72,15 @@ public CompletableFuture<IndexResponse> create(
             executorService.submit(
                     () -> {
                         try (ThreadContext.StoredContext ignored =
-                                 threadPool.getThreadContext().stashContext()) {
-                            if (!IndexTemplateUtils.indexTemplateExists(clusterService,CommandManagerPlugin.JOB_INDEX_TEMPLATE_NAME)) {
-                                IndexTemplateUtils.putIndexTemplate(client, CommandManagerPlugin.JOB_INDEX_TEMPLATE_NAME);
+                                threadPool.getThreadContext().stashContext()) {
+                            if (!IndexTemplateUtils.indexTemplateExists(
+                                    clusterService, CommandManagerPlugin.JOB_INDEX_TEMPLATE_NAME)) {
+                                IndexTemplateUtils.putIndexTemplate(
+                                        client, CommandManagerPlugin.JOB_INDEX_TEMPLATE_NAME);
                             } else {
                                 log.info(
-                                    "Index template {} already exists. Skipping creation.",
-                                    CommandManagerPlugin.JOB_INDEX_NAME);
+                                        "Index template {} already exists. Skipping creation.",
+                                        CommandManagerPlugin.JOB_INDEX_NAME);
                             }
                             IndexResponse indexResponse = client.index(indexRequest).actionGet();
                             completableFuture.complete(indexResponse);

@@ -54,10 +54,8 @@
  * submitting them to the destination client.
  */
 public class SearchThread implements Runnable {
-    public static final String COMMAND_STATUS_FIELD =
-            Command.COMMAND + "." + Command.STATUS;
-    public static final String COMMAND_ORDER_ID_FIELD =
-            Command.COMMAND + "." + Command.ORDER_ID;
+    public static final String COMMAND_STATUS_FIELD = Command.COMMAND + "." + Command.STATUS;
+    public static final String COMMAND_ORDER_ID_FIELD = Command.COMMAND + "." + Command.ORDER_ID;
     public static final String COMMAND_TIMEOUT_FIELD = Command.COMMAND + "." + Command.TIMEOUT;
     public static final String DELIVERY_TIMESTAMP_FIELD = Document.DELIVERY_TIMESTAMP;
     private static final Logger log = LogManager.getLogger(SearchThread.class);
@@ -95,10 +93,7 @@ public static <T> T getNestedObject(Map<String, Object> map, String key, Class<T
             return type.cast(value);
         } else {
             throw new ClassCastException(
-                "Expected "
-                    + type.getName()
-                    + " but found "
-                    + value.getClass().getName());
+                    "Expected " + type.getName() + " but found " + value.getClass().getName());
         }
     }
 
@@ -114,7 +109,8 @@ public void handlePage(SearchResponse searchResponse) throws IllegalStateExcepti
         SearchHits searchHits = searchResponse.getHits();
         ArrayList<Object> orders = new ArrayList<>();
         for (SearchHit hit : searchHits) {
-            Map<String, Object> orderMap = getNestedObject(hit.getSourceAsMap(), Command.COMMAND, Map.class);
+            Map<String, Object> orderMap =
+                    getNestedObject(hit.getSourceAsMap(), Command.COMMAND, Map.class);
             if (orderMap != null) {
                 orderMap.put("document_id", hit.getId());
                 orders.add(orderMap);
@@ -169,21 +165,21 @@ private SimpleHttpResponse deliverOrders(String orders) {
     @SuppressWarnings("unchecked")
     private void setSentStatus(SearchHit hit) throws IllegalStateException {
         Map<String, Object> commandMap =
-            getNestedObject(
-                hit.getSourceAsMap(),
-                CommandManagerPlugin.COMMAND_DOCUMENT_PARENT_OBJECT_NAME,
-                Map.class);
+                getNestedObject(
+                        hit.getSourceAsMap(),
+                        CommandManagerPlugin.COMMAND_DOCUMENT_PARENT_OBJECT_NAME,
+                        Map.class);
         commandMap.put(Command.STATUS, Status.SENT);
         hit.getSourceAsMap()
-            .put(CommandManagerPlugin.COMMAND_DOCUMENT_PARENT_OBJECT_NAME, commandMap);
+                .put(CommandManagerPlugin.COMMAND_DOCUMENT_PARENT_OBJECT_NAME, commandMap);
         IndexRequest indexRequest =
-            new IndexRequest()
-                .index(CommandManagerPlugin.COMMAND_MANAGER_INDEX_NAME)
-                .source(hit.getSourceAsMap())
-                .id(hit.getId());
+                new IndexRequest()
+                        .index(CommandManagerPlugin.COMMAND_MANAGER_INDEX_NAME)
+                        .source(hit.getSourceAsMap())
+                        .id(hit.getId());
         this.client
-            .index(indexRequest)
-            .actionGet(CommandManagerPlugin.DEFAULT_TIMEOUT_SECONDS * 1000);
+                .index(indexRequest)
+                .actionGet(CommandManagerPlugin.DEFAULT_TIMEOUT_SECONDS * 1000);
     }
 
     /**

@@ -21,6 +21,8 @@
 import reactor.util.annotation.NonNull;
 
 public class PluginSettings {
+    private static final Logger log = LogManager.getLogger(PluginSettings.class);
+    private static PluginSettings instance;
 
     /** The access key (ie login username) for connecting to api. */
     public static final Setting<SecureString> M_API_AUTH_USERNAME =
@@ -34,8 +36,13 @@ public class PluginSettings {
     public static final Setting<SecureString> M_API_URI =
             SecureSetting.secureString("m_api.uri", null);
 
-    private static final Logger log = LogManager.getLogger(PluginSettings.class);
-    private static PluginSettings instance;
+    /** The key of the path where is located the wazuh indexer CA certificate. */
+    public static final Setting<String> WAZUH_INDEXER_CA_CERT_PATH =
+            Setting.simpleString("ssl.http.pemtrustedcas_filepath", Setting.Property.NodeScope);
+
+    /** The default value to path where is located the wazuh indexer CA certificate. */
+    private static final String DEFAULT_WAZUH_INDEXER_CA_CERT_PATH =
+            "/etc/wazuh-indexer/certs/root-ca.pem";
 
     /** The access key (ie login username) for connecting to api. */
     private final SecureString authUsername;
@@ -46,13 +53,21 @@ public class PluginSettings {
     /** The uri for connecting to api. */
     private final SecureString uri;
 
+    /** The path where is located the wazuh indexer CA certificate. */
+    private final String wazuhIndexerCACertPath;
+
     /** Private default constructor */
     private PluginSettings(@NonNull final Settings settings) {
         log.info("Plugin created with the keystore information.");
 
         this.authUsername = M_API_AUTH_USERNAME.get(settings);
         this.authPassword = M_API_AUTH_PASSWORD.get(settings);
         this.uri = M_API_URI.get(settings);
+
+        this.wazuhIndexerCACertPath =
+                (settings != null && WAZUH_INDEXER_CA_CERT_PATH.get(settings) != null)
+                        ? WAZUH_INDEXER_CA_CERT_PATH.get(settings)
+                        : DEFAULT_WAZUH_INDEXER_CA_CERT_PATH;
     }
 
     /**
@@ -95,6 +110,11 @@ public String getUri(String path) throws URISyntaxException {
         return new URIBuilder(getUri()).setPath(path).build().toString();
     }
 
+
+    public String getWazuhIndexerCACertPath() {
+        return wazuhIndexerCACertPath;
+    }
+
     @Override
     public String toString() {
         return "PluginSettings{"
@@ -107,6 +127,9 @@ public String toString() {
                 + ", uri='"
                 + getUri()
                 + '\''
+                + ", wazuhIndexerCACertPath='"
+                + getWazuhIndexerCACertPath()
+                + '\''
                 + '}';
     }
 }
@@ -8,7 +8,6 @@
  */
 package com.wazuh.commandmanager.utils;
 
-import com.wazuh.commandmanager.index.CommandIndex;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.opensearch.action.admin.indices.template.put.PutIndexTemplateRequest;
@@ -90,14 +89,15 @@ public static Map<String, Object> get(Map<String, Object> map, String key) {
      */
     public static boolean indexTemplateExists(ClusterService clusterService, String templateName) {
         Map<String, IndexTemplateMetadata> templates =
-            clusterService.state().metadata().templates();
+                clusterService.state().metadata().templates();
         log.debug("Existing index templates: {} ", templates);
 
         return templates.containsKey(templateName);
     }
 
     /**
      * Inserts an index template
+     *
      * @param templateName : The name if the index template to load
      */
     public static void putIndexTemplate(Client client, String templateName) {
@@ -106,14 +106,14 @@ public static void putIndexTemplate(Client client, String templateName) {
             Map<String, Object> template = IndexTemplateUtils.fromFile(templateName + ".json");
 
             PutIndexTemplateRequest putIndexTemplateRequest =
-                new PutIndexTemplateRequest()
-                    .mapping(IndexTemplateUtils.get(template, "mappings"))
-                    .settings(IndexTemplateUtils.get(template, "settings"))
-                    .name(templateName)
-                    .patterns((List<String>) template.get("index_patterns"));
+                    new PutIndexTemplateRequest()
+                            .mapping(IndexTemplateUtils.get(template, "mappings"))
+                            .settings(IndexTemplateUtils.get(template, "settings"))
+                            .name(templateName)
+                            .patterns((List<String>) template.get("index_patterns"));
 
             AcknowledgedResponse acknowledgedResponse =
-                client.admin().indices().putTemplate(putIndexTemplateRequest).actionGet();
+                    client.admin().indices().putTemplate(putIndexTemplateRequest).actionGet();
             if (acknowledgedResponse.isAcknowledged()) {
                 log.info("Index template [{}] created successfully", templateName);
             }