Hi,
I am having the following problem:
-
I used apm-server monitor service java. After but enable https://x.x.x.x:9200, https://x.x.x.x:5601. I gen cert config in elasticsearch.yml, kibana.yml, apm-server.yml status service ready.
-
However, apm-agent to call apm-server:
[root@http-server ms]# curl --cacert apm-server.key --insecure https://10.x.x.x:8200
{
"build_date": "2023-11-10T18:50:41Z",
"build_sha": "9bf427affc4b334c75be2e663f069e28901e39bf",
"publish_ready": true,
"version": "7.17.15"
}
But log on apm-server:
{"log.level":"error","@timestamp":"2023-12-14T08:28:40.591+0700","log.logger":"esclientleg","log.origin":{"file.name":"transport/logging.go","file.line":37},"message":"Error dialing x509: certificate signed by unknown authority","service.name":"apm-server","network":"tcp","address":"10.x.x.x:9200","ecs.version":"1.6.0"}
{"log.level":"error","@timestamp":"2023-12-14T08:28:42.504+0700","log.logger":"beater.http","log.origin":{"file.name":"http/server.go","file.line":3215},"message":"http: TLS handshake error from 10.x.x.x:10852: remote error: tls: unknown certificate","service.name":"apm-server","ecs.version":"1.6.0"}
{"log.level":"error","@timestamp":"2023-12-14T08:29:53.493+0700","log.logger":"beater.http","log.origin":{"file.name":"http/server.go","file.line":3215},"message":"http: TLS handshake error from x.x.x.x:10910: remote error: tls: unknown certificate","service.name":"apm-server","ecs.version":"1.6.0"}
Is this the TLS/SSL configuration in the apm-server.yml file?