Hello, can somebody help me with certificate creation? Here is my screens
Hi @Yerbolat_Talasbekov Welcome to the Community!
1st please do not post images of text, the are hard to read , debug, search and some people can not event see them.
First question is
What version?
How did you install?
Exactly What Command are you running?
From Exactly what Directory?
And is the ca file (ohh yeah see I can not cut-n-paste it because and image) in the right place and readable
I would use a full path to the ca file not relarive
Hi sir , I am new to ELK stack , can you help me to secure ELK. Can not understand what certifications i need to generate. For example to secure filebeat and elasticsearch, or filebeat and logstash.
and how to generate this certifications.
My elasticsearch version is 8.12.1, and I installed it with rpm packet on CentOS 7.
If you installed with package all the certificate were created for you automatically.
Did you follow the official documentation? I would read it carefully and follow the steps carefully
Here
Everything is setup for you and displayed to the console.
Sir, at the begin I wanted to to send nginx logs in filebeat by nhinx module, when I wrote the command filebeat setup -e the output was:
Exiting: couldn't connect to any of the configured Elasticsearch hosts. Errors: [error connecting to Elasticsearch at https: // X.X.X.X: 9200: Get https:// X.X.X.X :9200: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "Elasticsearch security auto-configuration HTTP CA")]
I tried to recreate certificates again but unsuccesfully....
Do not recreate the certificates they were probably correct... We just need to check a few things THEN If there is an issue you can recreate.
You need to provide the CA to filebeat or use trusted fingerprint or use
First got to the filebeat box and run
curl -k -v -u elastic https://elasticip:9200
Show the command and output
Also please provide your full filebeat.yml in text .. format with 3 backticks ` before and after
Read this as well as we will end up providing...
IF we need to regenerate the http cert we will after we check everything else
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.