ECK Stack Monitoring disable certificate validation on beats

Hi,

I wanted to setup Stack Monitoring as described here: Stack Monitoring | Elastic Cloud on Kubernetes [2.3] | Elastic

I've provided my own certificate to the elasticsearch cluster which didn't contain a SAN entry for "elasticsearch-es-http.elastic.svc". Therefore the connections from the metric/filebeat to elasticsearch is failing with the following error message:

{"log.level":"error","@timestamp":"2022-07-28T13:26:36.239Z","log.logger":"publisher_pipeline_output","log.origin":{"file.name":"pipeline/client_worker.go","file.line":150},"message":"Failed to connect to backoff(elasticsearch(https://elasticsearch-es-http.elastic.svc:9200)): Get \"https://elasticsearch-es-http.elastic.svc:9200\": x509: certificate is valid for REDACTED, REDACTED, not elasticsearch-es-http.elastic.svc","service.name":"metricbeat","ecs.version":"1.6.0"}

Config looks like:

apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
  name: elasticsearch
  namespace: elastic
spec:
  version: 8.3.2
[...]
  monitoring:
    metrics:
      elasticsearchRefs:
      - name: elasticsearch
    logs:
      elasticsearchRefs:
      - name: elasticsearch
[...]
  http:
    tls:
      certificate:
        secretName: elasticsearch-certificate

Is there any possibility to disable the certificate validation for metric/filebeat or change to ssl.verification_mode: certificate ?

Thanks!

Hi, sorry for the late reply. This should be fixed by Stack monitoring: trust custom cert. in output configuration by barkbay · Pull Request #5945 · elastic/cloud-on-k8s · GitHub scheduled for ECK 2.5.0

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.