Error using ssl certs created by certgen tool


(Al) #1

I'm about to use some new domain names so I've created certificates (for client01, client02, clientXX, and server with the certgen tool) for tenants that will be shipping logs (via filebeat) to an Nginx instance which then sends the logs to a local Kafka cluster. When creating the certs, i've set the CN to be set to the domain used for the endpoint, for example "logs.example.com".

Unfortunately, for the root CA cert, the CN is "Elastic Certificate Tool Autogenerated CA" and when a filebeat client attempts to connect to the Nginx instance, it shows the following error:

DBG Ping request failed with: Get https://logs.example2.com:443/client01: x509: certificate is valid for Elastic Certificate Tool Autogenerated CA, not logs.example2.com

Is there any way I can change the CN for the generated root CA certificate? Keep in mind that I currently have the same setup running with an older domain (certs not generated with the certgen tool) which the root CN is "*.example.com" and it's working file.


(Tim Vernum) #2

It looks like you have configured something incorrectly.
There's no reason why your nginx server should provide the root CA certificate to requests.

Can you provide more details on your configuration?


(system) #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.