Fleet Agent Goes from Online to Offline

I enrolled my agent, but after a few minutes it goes offline .I found errors in my endpoint agent logs The error is "Error [SSL certificate problem: self signed certificate in certificate chain]". I was able to bypass this for enrolling the agent with Kibana using the "--insecure" option, but I'm not sure if I can bypass with Elasticsearch. I'm using stack version 7.11.1.

Hey @pkward ,

Are you asking about agent specifically, or agent with the endpoint security integration?

I would not use the --insecure flag - it is better to specify the certificate authority in use (in your case, since you're using a self signed cert - just specify the cert itself) - you can see the flag here.

If you're using the endpoint security integration, you will also need to specify the Elasticsearch CA used in the advanced settings in your policy.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.