I'm having an issue with elastic agents Windows machines, but they work perfectly on Linux machines.
My fleet server keeps showing the status Unhealthy
for elastic agents I've installed on Windows machines. This is the error message I see in C:\Program Files\Elastic\Agent\data\elastic-agent-10dc6a\logs\elastic-agent-20230510-1.ndjson
Failed reading CA certificate: open /etc/certs/archive/elasticsearch-self-signed/ca.crt: The system cannot find the path specified.
Why is my elastic agent trying to use a linux path on a windows machine?
This is the command I ran to start my elastic agent on Windows
cd C:\elastic-agent-8.7.1-windows-x86_64\
.\elastic-agent.exe install --url=https://fleet.example.net:8220 `
--enrollment-token=aUt5eEJvZ0JXMzRXa1FUblpRM246WEwxUVBhbGlRZzZ0ODhsWkdHelhJZw== `
-a C:\elastic-agent-8.7.1-windows-x86_64\ca.crt `
--fleet-server-es-ca C:\elastic-agent-8.7.1-windows-x86_64\ca.crt
As you can see, I specified the --fleet-server-es-ca
. I was hoping that --fleet-server-es-ca
would tell elastic agent where to find the certificate authority. But it seems the elastic agent completely ignores the --fleet-server-es-ca
flag.
The --fleet-server-es-ca
works perfectly on Ubuntu 20.04. On ubuntu 20.04, the --fleet-server-es-ca
will tell the elastic agent the location of the certificate authority necessary to connect with the elasticsearch instance.
What did I do wrong? How do I tell the elastic agent which certificate authority to use on Windows?