mark deprecated ssl_cacert option as obsolete

jsvd · jsvd · commit 74b4c6bd4016 · 2017-08-01T16:57:05.000+01:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,5 @@
 ## 6.0.0
-  - Mark deprecated :data_timeout option as obsolete
+  - Mark deprecated :data_timeout and :ssl_cacert options as obsolete
 
 ## 5.0.0
   - Changed the behaviour of the `host` field to contain the resolved peer hostname for a connection instead of its peer IP
diff --git a/docs/index.asciidoc b/docs/index.asciidoc
@@ -131,15 +131,6 @@ When mode is `client`, the port to connect to.
 Proxy protocol support, only v1 is supported at this time
 http://www.haproxy.org/download/1.5/doc/proxy-protocol.txt
 
-[id="plugins-{type}s-{plugin}-ssl_cacert"]
-===== `ssl_cacert`  (DEPRECATED)
-
-  * DEPRECATED WARNING: This configuration item is deprecated and may not be available in future versions.
-  * Value type is <<path,path>>
-  * There is no default value for this setting.
-
-The SSL CA certificate, chainfile or CA path. The system CA path is automatically included.
-
 [id="plugins-{type}s-{plugin}-ssl_cert"]
 ===== `ssl_cert` 
 
diff --git a/lib/logstash/inputs/tcp.rb b/lib/logstash/inputs/tcp.rb
@@ -90,8 +90,7 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
   # For input, sets the field `sslsubject` to that of the client certificate.
   config :ssl_verify, :validate => :boolean, :default => true
 
-  # The SSL CA certificate, chainfile or CA path. The system CA path is automatically included.
-  config :ssl_cacert, :validate => :path, :deprecated => "This setting is deprecated in favor of ssl_extra_chain_certs as it sets a more clear expectation to add more X509 certificates to the store"
+  config :ssl_cacert, :validate => :path, :obsolete => "This setting is obsolete. Use ssl_extra_chain_certs instead"
 
   # SSL certificate path
   config :ssl_cert, :validate => :path
@@ -314,11 +313,6 @@ def ssl_context
   def load_cert_store
     cert_store = OpenSSL::X509::Store.new
     cert_store.set_default_paths
-    if File.directory?(@ssl_cacert)
-      cert_store.add_path(@ssl_cacert)
-    else
-      cert_store.add_file(@ssl_cacert)
-    end if @ssl_cacert
     @ssl_extra_chain_certs.each do |cert|
       cert_store.add_file(cert)
     end
