I just setup an ECE instance using 7.9 (which I believe is the latest) and spun up a cluster for security using version 7.12. I setup a new agent and tried to enroll a windows 10 target workstation as outlined, but an getting the following error.
Error while enrolling: fail to execute the HTTP POST request: Post https://235b02623be74f1999ce940d4fd05ce22.214.171.124.121.ip.es.io:443: dial tcp 192.168.1.121:443: connectex: No connection could be made because the target machine actively refused it.
Below is the command I used to try and install it, but I get the same error every time. I also tried using the -i flag for insecure, but no change. It simply does not want to enroll.
.\elastic-agent.exe install -f --kibana-url=https://235b02623be74f1999ce940d4fd05ce126.96.36.199.121.ip.es.io:443 --enrollment-token=QTZjU2huZ0ItX2JTWHRwYzU3S3I6NkloTVd1ZDRUU2EteEtpRmEtLXc2dw==
Based on the error message it looks like kibana/fleet is refusing the connection. I verified the windows firewall on the endpoint is turned off. No network firewall in between the endpoint and the elastic cluster.
Why would Kibana actively refuse the agent enrollment?