[Metricbeat 7.9] x509: certificate is valid for instance, not localhost

Hello,

I'm trying to send data from Metricbeat 7.9 to an already-tls-working Elasticsearch 7.9 but without success...It is a test environment, everything on same server(Elasticsearch, Kibana and Metricbeat)

my metricbeat.yml is:

> output.elasticsearch:
>   # Array of hosts to connect to.
>   hosts: ["localhost:9200"]
> 
>   # Protocol - either `http` (default) or `https`.
>   protocol: "https"
> 
>   # Authentication credentials - either API key or username/password.
>   #api_key: "id:api_key"
>   username: "my_user"
>   password: "my_pass"

After restart metricbeat daemon it starts but shows this message:

Failed to connect to backoff(elasticsearch(https://localhost:9200)): Get "https://localhost:9200": x509: certificate is valid for instance, not localhost

EDIT: as far as I understand ssl options for certificate and key are for authentication (as alternative to user/pass) maybe here is my confussion/mistake?

any tips?
thanks

Solved

"instance" was a default name for canonical name inside certificate, so instead:

bin/elasticsearch-certutil cert --ca myCA.p12

you should create certificate with:

bin/elasticsearch-certutil cert --ca myCA.p12 --name myNode.p12

I'm not sure if this is the proper way but worked.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.