You have security enabled with TLS, but you're not sending any credentials to authenticate with elasticsearch. What do you mean make a cert for filebeat?
[root@bdi-uat-splunkes filebeat]# filebeat setup
Overwriting ILM policy is disabled. Set `setup.ilm.overwrite: true` for enabling.
Index setup finished.
Loading dashboards (Kibana must be running and reachable)
Exiting: error connecting to Kibana: fail to get the Kibana version: HTTP GET request to https://10.194.11.68:5601/api/status fails: fail to execute the HTTP GET request: Get "https://10.194.11.68:5601/api/status": x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "Elastic Certificate Tool Autogenerated CA"). Response: .
I'm assuming you're using the automatically generated self signed certs. You need to set output.elasticsearch.ssl.certificate_authorities and setup.kibana.ssl.certificate_authorities. See Configure SSL | Filebeat Reference [7.12] | Elastic
So idk how u generated your SSL certs but if they're self signed than copy the cert from elasticsearch to the elasticsearch path and the kibana to the kibana path. If kibana and elasticsearch are using a keystore to hold the certs instead of on the filesystem, you'll have to use the Java keytool to extract them. You don't need to worry about the .key files for the certificate authority files.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.