After upgrading to 8.19.5(?)+, Elastic Agent no longer uses the configured proxy, resulting in a 'no such host' error when trying to download binaries.

Summary of Issue: Elastic Agent Binary Download Failing with DNS Error Since 8.19.5+

Environment Details

The Problem

Our Elastic Stack infrastructure is air-gapped and relies on a proxy for all external communications, including updating Elastic Agents. The proxy settings are configured in Kibana via:

• Management > Fleet > Settings > Proxies

• Management > Fleet > Settings > Agent Binary Download (set to use the configured proxy)

This setup worked perfectly for agent upgrades up to and including version 8.19.4.

Since attempting to upgrade agents to version 8.19.5 (or any subsequent version like 8.19.8), the upgrade process fails with a DNS resolution error:

"The agent cannot find the binaries at https://artifacts.elastic.co/downloads/beats/elastic-agent/elastic-agent-8.19.8-linux-x86_64.tar.gz because when attempting to resolve artifacts.elastic.co on the infrastructure's resolver (10.80.243.2:53), it receives the response: 'no such host'."

Expected vs. Actual Behavior

• Expected Behavior: Because the proxy is configured for Agent Binary Download, the request for artifacts.elastic.co should be routed through the proxy, which handles the external DNS resolution and connection, as it did in previous versions.

• Actual Behavior: The agent appears to be ignoring the Fleet proxy configuration for the binary download step and attempts a direct DNS resolution using the local infrastructure's resolver, which has no internet access, causing the failure.

Question for the Community

Has there been a documented change in the behavior or priority of proxy configuration for the Elastic Agent's binary download process in versions 8.19.5 or higher? We need a configuration fix or guidance on how to ensure the Fleet Agent strictly uses the configured proxy or the proper air-gapped/offline methods for binary retrieval.