Elasticsearch and Docker Generating http_ca.crt

Elastic Stack Elasticsearch
1

I have followed the instructions on installing Elasticsearch on Docker for version 8.0.1.

I am able to run the curl command against "https://localhost:9200" with the http_ca.crt and the password generated for the elastic user. However, if I replace "localhost" with the IP address of the host, I get the error message "no alternative certificate subject name matches target host name '##.#.###.#".

Is this going to be an issue when I try to connect an Elastic Agent on a separate machine? If so, what changes do I need to make? Or is there additional documentation that I can refer to.

Thank you

Chuck

2

Bump - Is there a way to control the cert generation, especially the host, when starting Elastic using Docker Run?

3

Hi @SwampyFox

You can start your container with

docker run --name es01 --net elastic -p 9200:9200 -p 9300:9300 -e "http.publish_host=<HOST_IP_HERE>" -it docker.elastic.co/elasticsearch/elasticsearch:8.1.0

and we'll put the HOST_IP in the SANs of the HTTP certificate so that you can use it to connect to it over https

4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.