Best practis for agents enrollment with fleet on ECK

Hello everyone,

i'm currently using ECK for my elastic stack, i installed agents on some laptops and they enrolled successfully with fleet ( they go by the public network, both elasticsearch and fleet are exposed ), but i'm not really sure if i'm doing it the right way, more precisely the secure way, and i cant find any doc about best practice for this point on ECK

At the moment i enroll elastic agents to my fleet servers only by token i just add --insecure to the commands and the enrollment is done

from my server side the stack uses self signed certs but the ingress uses a cert signed by a well known source, i tried both ssl.verification_mode None and Certificate but the agents keeps enrolling with the token only

so is this the good aproach or is there a better way to do so

Best Regards

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.