Can not create certificates for elasticsearch

Hello, can somebody help me with certificate creation? Here is my screens

Hi @Yerbolat_Talasbekov Welcome to the Community!

1st please do not post images of text, the are hard to read , debug, search and some people can not event see them.

First question is

What version?

How did you install?

Exactly What Command are you running?

From Exactly what Directory?

And is the ca file (ohh yeah see I can not cut-n-paste it because and image) in the right place and readable

I would use a full path to the ca file not relarive

Hi sir , I am new to ELK stack , can you help me to secure ELK. Can not understand what certifications i need to generate. For example to secure filebeat and elasticsearch, or filebeat and logstash.

and how to generate this certifications.

My elasticsearch version is 8.12.1, and I installed it with rpm packet on CentOS 7.

If you installed with package all the certificate were created for you automatically.

Did you follow the official documentation? I would read it carefully and follow the steps carefully

Here

Everything is setup for you and displayed to the console.

Sir, at the begin I wanted to to send nginx logs in filebeat by nhinx module, when I wrote the command filebeat setup -e the output was:

Exiting: couldn't connect to any of the configured Elasticsearch hosts. Errors: [error connecting to Elasticsearch at https: // X.X.X.X: 9200: Get https:// X.X.X.X :9200: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "Elasticsearch security auto-configuration HTTP CA")]

I tried to recreate certificates again but unsuccesfully....

@Yerbolat_Talasbekov

Do not recreate the certificates they were probably correct... We just need to check a few things THEN If there is an issue you can recreate.

You need to provide the CA to filebeat or use trusted fingerprint or use

First got to the filebeat box and run

curl -k -v -u elastic https://elasticip:9200

Show the command and output

Also please provide your full filebeat.yml in text .. format with 3 backticks ` before and after

Read this as well as we will end up providing...

IF we need to regenerate the http cert we will after we check everything else

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.