Merticbeat Error dialing x509: certificate is valid for 127.0.0.1, not 172.16.0.204

Metricbeat has stopped working and is giving me Error dialing x509: certificate is valid for 127.0.0.1, not x.x.x.x after a yum update. Other instances that are using the exact same certificate are working fine. Any ideas?

# ---------------------------- Elasticsearch Output ----------------------------
output.elasticsearch:
  # Array of hosts to connect to.
  hosts: ["x.x.x.x:9200"]

  # Protocol - either `http` (default) or `https`.
  protocol: "https"
  ssl.certificate_authorities: ["/home/user/elastic/ca/ca.crt"]
  # Authentication credentials - either API key or username/password.
  #api_key: "id:api_key"
  username: "user"
  password: "pass"

UPDATE

With older versions of metricbeat it works, is this a known issue?

Did you perhaps upgrade from 7 to 8 for the metricbeat?

It does seem that the certificate is not valid for that host, and there might be more checks that has been added, from 8.0+ the Elastic stack has security enabled by default.

You can try to disable verification to see if it starts up as intended then? It's not a "fix" unless you are happy with having it disabled, but the complaint about the certificate missmatch seems correct.
See if you can set:
output.elasticsearch.ssl.verification_mode: none

1 Like

Yes, that's a know issue, but the fix has been merged to main a little while ago. There are some GitHub issues (and the fix PR):

Which version of Metricbeat are you running @Spyros_Agriopoulos. The fix has been released on 7.17.1

There is also a simple workaround of setting ssl.verification_mode: certificate

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.