hello elastic community
I have a problem trying to configure the fleet server, I have done the following:
Inside Kibana - fleet/settings
Fleet server hosts
I have put my local server 192.0.1.20 with port 8220
Outputs
https://192.0.1.20:9200 // Default SSL
Then I go to Agents and give it Add Fleet Server.
In this screen I am initially choosing the fleet server police https://192.0.1.20:8220
And it appears to me that I add the following on the Linux debian server where I want to install the fleet server.
sudo ./elastic-agent install
--fleet-server-es=https://192.0.1.20:9200
--fleet-server-service-token=AAEAAWVsYXN0aWMvZmxlZXQtc2VydmVyL3Rva2VuLTE2ODE1MTU3MjU5Mzk6eEZtdUdjSl9UdXktQ18tdDNfNFl4UQ
--fleet-server-policy=fleet-server-policy
Some Details
- I only have a linux (debian11) with Kibana, Elasticsearch and right here I want to add the Fleet server.
- Port 8220 isn't active on the linux (debian11) server
- The Elasticsearch has the SSL that comes by default in the latest version (I DO NOT use digital certificates)
If I install with /elastic-agent install
--fleet-server-es=https://192.0.1.20:9200 \
I get the following error
{"log.level":"info","@timestamp":"2023-04-14T18:26:57.558-0500","log.origin":{"file.name":"cmd/enroll_cmd.go" ,"file.line":407},"message":"Generating self-signed certificate for Fleet Server","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2023-04-14T18:27:02.218-0500","log.origin":{"file.name":"cmd/enroll_cmd.go" ,"file.line":770},"message":"Waiting for Elastic Agent to start Fleet Server","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2023-04-14T18:27:06.222-0500","log.origin":{"file.name":"cmd/enroll_cmd.go" ,"file.line":803},"message":"Fleet Server - Error - x509: certificate signed by unknown authority","ecs.version":"1.6.0"}
Error: fleet-server failed: context canceled
For help, please see our troubleshooting guide at Troubleshoot common problems | Fleet and Elastic Agent Guide [8.7] | Elastic
Error: enroll command failed for unknown reason: exit status 1
but if I install without Https
/elastic-agent install
--fleet-server-es=http://192.0.1.20:9200 \
I get the following:
Installed as a system package, installation will not be altered.
{"log.level":"info","@timestamp":"2023-04-14T18:29:52.671-0500","log.origin":{"file.name":"cmd/enroll_cmd.go" ,"file.line":407},"message":"Generating self-signed certificate for Fleet Server","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2023-04-14T18:29:56.236-0500","log.origin":{"file.name":"cmd/enroll_cmd.go" ,"file.line":770},"message":"Waiting for Elastic Agent to start Fleet Server","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2023-04-14T18:30:00.240-0500","log.origin":{"file.name":"cmd/enroll_cmd.go" ,"file.line":803},"message":"Fleet Server - Error - EOF","ecs.version":"1.6.0"}
^CError: fleet-server failed: context canceled
For help, please see our troubleshooting guide at Troubleshoot common problems | Fleet and Elastic Agent Guide [8.7] | Elastic
How can I make the fleet server work?