Hello,
I'm trying to install Elastic Agent with a local ELK Environment and have no luck because of Fleet Server issues.
Server Info:
- ELK on version 7.13.1 with self-signed certificates running in Docker containers on x64 Linux
- Host for Elastic Agent does not seem to matter (tried both Windows / Linux)
I'm trying to add Elastic Agent but Fleet Server just produces all kinds off error messages:
First I simply followed the instructions to add an agent in Kibana
- Download Agent with correct Version for the correct OS
- Generate token
- copy and run the command
sudo ./elastic-agent install -f --fleet-server-es=https://[pc-name]:9200 --fleet-server-service-token=[token]
[timestamp] INFO cmd/enroll_cmd.go:300 Generating self-signed certificate for Fleet Server
[timestamp] INFO cmd/enroll_cmd.go:610 Waiting for Elastic Agent to start Fleet Server
[timestamp] INFO cmd/enroll_cmd.go:643 Fleet Server - Starting
[timestamp] INFO cmd/enroll_cmd.go:643 Fleet Server - Error - x509: certificate is not valid for any names, but wanted to match [pc-name]
[timestamp] INFO cmd/enroll_cmd.go:648 Fleet Server - Error - x509: certificate is not valid for any names, but wanted to match [pc-name]
[timestamp] INFO cmd/enroll_cmd.go:643 Fleet Server - Starting
Since there was a certificate issue I tried to add the parameter "--fleet-server-es-ca=[path-to-elasticsearch-root-ca]" but it entered into a loop of crashes/starts/restarts.
That happened every time I added this parameter to any command.
[timestamp] INFO cmd/enroll_cmd.go:300 Generating self-signed certificate for Fleet Server
[timestamp] INFO cmd/enroll_cmd.go:610 Waiting for Elastic Agent to start Fleet Server
[timestamp] INFO cmd/enroll_cmd.go:643 Fleet Server - Restarting
[timestamp] INFO cmd/enroll_cmd.go:648 Fleet Server - Restarting
Just adding "--insecure" which worked on 7.12.1 before we upgraded this setup to 7.13.1 did not work.
So I created certificates for the client in case that resolved the certificate issue.
The additional parameters "--fleet-server-cert" and "--fleet-server-cert-key" required the "--url" Parameter and documentation mentioned that I would require the "--fleet-server-insecure-http" Parameter
sudo ./elastic-agent install -f --fleet-server-es=https://[pc-name]:9200/ --fleet-server-service-token=[token] --insecure --fleet-server-cert=[server.crt] --fleet-server-cert-key=[server.key] --url=https://[pc-name]:9243/ --fleet-server-insecure-http
[timestamp] INFO cmd/enroll_cmd.go:643 Fleet Server - Starting
[timestamp] INFO cmd/enroll_cmd.go:643 Fleet Server - Error - x509: certificate is not valid for any names, but wanted to match [pc-name]
[timestamp] INFO cmd/enroll_cmd.go:648 Fleet Server - Error - x509: certificate is not valid for any names, but wanted to match [pc-name]
I tried this with different inputs (localhost as address as recommended as an example) and leaving out the "--fleet-server-insecure-http" parameter without a different result.
I hope somebody can help with this rather frustrating problem.
Both in ES Cloud Deployment in AWS where a Fleet Server is automatically proviced and without certificates I had my first Agents running in less than 5 minutes.
Thanks
edit1: just some formatting changes