I'm reading through the documentation for fleet servers in elastic 8.7. On the subject of configuring TLS/SSL for fleet servers, I see this:
Is it preferable to create certificates for fleet servers with ./bin/elasticsearch-certutil ca --pem or is it preferable to use certificates signed by public certs like sectigo, let's encrypt etc...?
I made a mistake on another project where I used public certs for elastic cluster protocol on port 9300, in which public root certs basically let any elastic node join my cluster without any restriction.
Wasn't sure if something of similar nature would happen if using public certs for fleet servers?