Skip to content

Commit 8d27c6f

Browse files
VijayanBVijayanB
committed
Include public certificate
This gem is cryptographically signed. To be sure the gem you install hasn’t been tampered with: Add certs/opensearch-rubygems.pem (if you haven’t already) as a trusted certificate gem cert --add <(curl -Ls certs/opensearch-rubygems.pem) gem install logstash-output-openserach -P HighSecurity The HighSecurity trust profile will verify signed gems, and allow only if all the dependencies are signed. This is created by following https://guides.rubygems.org/security/#building-gems Signed-off-by: Vijayan Balasubramanian <balasvij@amazon.com>
1 parent 8aae7ca commit 8d27c6f

File tree

2 files changed

+23
-0
lines changed

2 files changed

+23
-0
lines changed

certs/opensearch-rubygems.pem

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
-----BEGIN CERTIFICATE-----
2+
MIIDfDCCAmSgAwIBAgIBATANBgkqhkiG9w0BAQUFADBCMRMwEQYDVQQDDApvcGVu
3+
c2VhcmNoMRYwFAYKCZImiZPyLGQBGRYGYW1hem9uMRMwEQYKCZImiZPyLGQBGRYD
4+
Y29tMB4XDTIxMDgwMjIxMDQwM1oXDTIyMDgwMjIxMDQwM1owQjETMBEGA1UEAwwK
5+
b3BlbnNlYXJjaDEWMBQGCgmSJomT8ixkARkWBmFtYXpvbjETMBEGCgmSJomT8ixk
6+
ARkWA2NvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM1z3/jcitjV
7+
umXwRFn+JSBBd36qZB54Dtucf6+E2fmNPzBRhgYN5XJy/+clQJ9NIJV7C8H52P3V
8+
dsce/VXcNAcgfUdlN57nM0ksjFFNlnHWXea8Ub9/6R1K0p1RBizEINzUneoJLvqe
9+
7w/KfvBJStj7AmJgZmzCiu98j75YLcdLhZQykRyJdB03wZsMQUvxPFkhTZn+Qi8k
10+
0U909l9JD0i1PC0xVukYlskUA2xeo36kMMllABJGN536Z0aIT2KX2XTiKK7hILoP
11+
+flNmgA4eyXa5Ki9q4HBN6QhsTKdEinqGngQnUI35YTu2AHsvfjn1wP/nUa9aRVH
12+
zfR37/NQFkECAwEAAaN9MHswCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0O
13+
BBYEFJJ2myhLXK742btavNbG0IWrMNBIMCAGA1UdEQQZMBeBFW9wZW5zZWFyY2hA
14+
YW1hem9uLmNvbTAgBgNVHRIEGTAXgRVvcGVuc2VhcmNoQGFtYXpvbi5jb20wDQYJ
15+
KoZIhvcNAQEFBQADggEBAE7gBP5ecTtKb04qmEsnbJ6+yn0LUSmxPabFBnB6h1+T
16+
XW8BvBw9MpE//5fQf4HSia3m9XjRpl4WxBcJiyfLER64tk/c1JLhV2+rq3CCV/be
17+
DFSP6gY93kK7jwauajGQvyHzORaW1TBM6diIRYCMLY7Isf+PTHl0xhZZBSVm8wl6
18+
IstV+mTP2KC1l7hSzUDb4rrOSnpRB7AEczcDdkjwzHKIlw8rcL+PLLnFTOgqKyq3
19+
yXikuH6LEVykA8pgOcB9gKsB2/zMd2ZlSj2monM8Qw9EfB14ZSDTYS8VYuwWCeF0
20+
eFmXXk0ufQFKl1Yll7quHkmQ0PzKkvXTpONBT6qPkXE=
21+
-----END CERTIFICATE-----

logstash-output-opensearch.gemspec

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,8 @@ Gem::Specification.new do |s|
1818
# Tests
1919
s.test_files = s.files.grep(%r{^(test|spec|features)/})
2020

21+
s.cert_chain = ['certs/opensearch-rubygems.pem']
22+
2123
# Special flag to let us know this is actually a logstash plugin
2224
s.metadata = {
2325
"logstash_plugin" => "true",

0 commit comments

Comments
 (0)