hay
i got a new elk server but CA stuff built the certificate with "Signature Algorithm: sha256WithRSAEncryption"
when i execute the command :
curl -u elastic --cacert /etc/elasticsearch/crt/ca.crt -XGET "https://devlnxxxxxxx.xxx.local:9200/_cat/indices?pretty&s=index"
the response is :
curl: (35) SSL received a record that exceeded the maximum permissible length
i tried to execute with --cipher and i got time out
curl -u elastic --ciphers dhe_rsa_aes_256_cbc_sha_256 --cacert /etc/elasticsearch/crt/ca.crt -XGET "https://devlnxxxxxxx.xxx.local:9200/_cat/indices?pretty&s=index"
curl: (28) Operation timed out after 300426 milliseconds with 0 out of 0 bytes received
the output of openssl on this certificate start like this :
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:89:2d:29:5b:63:32:ab:41:27:6f:1e:48:f5:48:6b
Signature Algorithm: sha256WithRSAEncryption
my curl version is
curl --version
curl 7.29.0 (x86_64-redhat-linux-gnu) libcurl/7.29.0 NSS/3.36 zlib/1.2.7 libidn/1.28 libssh2/1.4.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smtp smtps telnet tftp
Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz unix-sockets
elasticsearch version is 7.2
how can i run the command with the accurate parameters ?
thks alot