I enrolled my agent, but after a few minutes it goes offline .I found errors in my endpoint agent logs The error is "Error [SSL certificate problem: self signed certificate in certificate chain]". I was able to bypass this for enrolling the agent with Kibana using the "--insecure" option, but I'm not sure if I can bypass with Elasticsearch. I'm using stack version 7.11.1.
Hey @pkward ,
Are you asking about agent specifically, or agent with the endpoint security integration?
I would not use the --insecure flag - it is better to specify the certificate authority in use (in your case, since you're using a self signed cert - just specify the cert itself) - you can see the flag here.
If you're using the endpoint security integration, you will also need to specify the Elasticsearch CA used in the advanced settings in your policy.