Elasticsearch and Docker Generating http_ca.crt

I have followed the instructions on installing Elasticsearch on Docker for version 8.0.1.

I am able to run the curl command against "https://localhost:9200" with the http_ca.crt and the password generated for the elastic user. However, if I replace "localhost" with the IP address of the host, I get the error message "no alternative certificate subject name matches target host name '##.#.###.#".

Is this going to be an issue when I try to connect an Elastic Agent on a separate machine? If so, what changes do I need to make? Or is there additional documentation that I can refer to.

Thank you


Bump - Is there a way to control the cert generation, especially the host, when starting Elastic using Docker Run?

Hi @SwampyFox

You can start your container with

docker run --name es01 --net elastic -p 9200:9200 -p 9300:9300 -e "http.publish_host=<HOST_IP_HERE>" -it docker.elastic.co/elasticsearch/elasticsearch:8.1.0

and we'll put the HOST_IP in the SANs of the HTTP certificate so that you can use it to connect to it over https

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.