[beatCM] 6.5.0 Internal Certificate authority, or Mismatch host how to configure?

ToddFerg · November 16, 2018, 4:02am

When I am attempting to enroll a beat to centralized management I'm receiving this error:

[root@dactyl filebeat]# filebeat -e -v enroll https://thehostname:5601 thetokengivenbykibana -E setup.kibana.ssl.verification_mode=none
2018-11-15T22:02:16.466-0600 INFO instance/beat.go:616 Home path: [/usr/share/filebeat] Config path: [/etc/filebeat] Data path: [/var/lib/filebeat] Logs path: [/var/log/filebeat]
2018-11-15T22:02:16.467-0600 INFO instance/beat.go:623 Beat UUID: 96539986-712a-4b88-b757-9a8faf291d2f
2018-11-15T22:02:16.467-0600 INFO kibana/client.go:118 Kibana url: https://thesamehostname:5601
Error while enrolling: fail to execute the HTTP POST request: Post https://thesamehostname5601/api/beats/agent/96539986-xxxx-4b88-xxx-9a8faf291d2f: x509: certificate signed by unknown authority

I'm trying to just get it connected, I also have a case where a hostname mismatches (I blame nat), How would one go about specifiying a CA, or ssl verification none?

steffens · November 16, 2018, 1:38pm

You will have to add your CA certificate to the systems CA list.

system · December 14, 2018, 3:50pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filebeat setup x509: certificate signed by unknown authority Beats beats-module , filebeat	4	5834	July 14, 2022
Central Management filebeat enrollment fail Beats	5	1766	February 1, 2019
Filebeat certificate issue while setting up Kibana dashboard Beats filebeat	1	333	December 13, 2019
509: certificate signed by unknown authority Kibana elastic-stack-security	14	2487	January 19, 2023
Winlogbeat getting x509: certificate signed by unknown authority while setting up Kibana Beats	19	8911	April 19, 2018

[beatCM] 6.5.0 Internal Certificate authority, or Mismatch host how to configure?

Related topics