I'm just getting started with securing Elastic Stack. My setup is a cloud VM where both Elasticsearch and Kibana are running. It is a one node setup right now.
I generated a CA with certutil, and then generated a pkcs12 key for my Elasticsearch node using this CA.
bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12 --name my-server01 --ip 192.168.0.1 (placeholder) --dns my-server01.vpc.com
I'v got Elasticsearch running with full host verification. Now I'm adding Kibana to the mix by converting the pkcs12 key from the CA to a pem file and it's working fine with elasticsearch.ssl.verificationMode: certificate. However once I set verificationMode to full Kibana can't discover Elasticsearch anymore.
Isn't it possible to use full verification mode with a self generated CA or am I doing something wrong here?