Can't install Fleet Server on Ubuntu instance

Elastic Stack Beats
,
1

Hi all!
Unfortunately, I didn't find suitable topics!
I have these configs:

  1. Fleet settings

    Screenshot 2021-10-14 at 17.06.25
    Screenshot 2021-10-14 at 17.06.251922×998 79.9 KB

  2. Tried to enroll and install elastic agent two ways:

sudo ./elastic-agent install -f --url=https://10.2.5.2:8220 --fleet-server-es=https://ELK_SRV:9200 --fleet-server-es-ca=/root/ca/elastic.pem --fleet-server-service-token=XXXXXXXXXXXXXXXXXX

sudo ./elastic-agent enroll -f --fleet-server-es=https://ELK_SRV:9200 --fleet-server-es-ca=/root/ca/elastic.pem --fleet-server-service-token=XXXXXXXXXXXXXXXXXX

Anyway, I got this message:

Error: fail to enroll: fail to execute request to fleet-server: fail to decode enrollment response: context canceled

And it is infinitely updating of Elastic Agents with Fleet Server policies.

Screenshot 2021-10-14 at 17.13.19
Screenshot 2021-10-14 at 17.13.192420×958 176 KB

Also, I tried to use the default way:

 sudo ./elastic-agent install --url=https://10.2.5.2:8220 \
 -f \
 --fleet-server-es=https://ELK_SRV:9200 \
 --fleet-server-service-token=XXXXXXXXXXXXXXXXXX \
 --fleet-server-policy=XXXXXXXXXXXXXXXXXX \
 --certificate-authorities=/root/ca/elastic.pem \
 --fleet-server-es-ca=/root/ca/elastic.pem \
 --fleet-server-cert=/root/ca/server.crt \
 --fleet-server-cert-key=/root/ca/server.key

But got
Error: fail to enroll: fail to execute request to fleet-server: x509: certificate signed by unknown authority

The full error is below:

2021-10-14T14:17:16.533Z	INFO	cmd/enroll_cmd.go:701	Fleet Server - Starting
2021-10-14T14:17:22.548Z	INFO	cmd/enroll_cmd.go:706	Fleet Server - Starting
2021-10-14T14:17:28.557Z	INFO	cmd/enroll_cmd.go:706	Fleet Server - Starting
2021-10-14T14:17:34.567Z	INFO	cmd/enroll_cmd.go:706	Fleet Server - Starting
2021-10-14T14:17:40.576Z	INFO	cmd/enroll_cmd.go:706	Fleet Server - Starting
2021-10-14T14:17:46.589Z	INFO	cmd/enroll_cmd.go:706	Fleet Server - Starting
2021-10-14T14:17:49.595Z	INFO	cmd/enroll_cmd.go:682	Fleet Server - Running on policy with Fleet Server integration: 856f4eb0-122f-11ec-8308-176e4cb272f3; missing config fleet.agent.id (expected during bootstrap process)
2021-10-14T14:17:49.601Z	INFO	cmd/enroll_cmd.go:414	Starting enrollment to URL: https://10.2.5.2:8220/
Error: fail to enroll: fail to execute request to fleet-server: x509: certificate signed by unknown authority
Error: enroll command failed with exit code: 1

The server.crt and server.key were issued by the OpenSSL tool on the host where I'm trying to install the Fleet Server.

Thank you for any help!

2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.