Hi @wajika,
using HTTPS for APM agent/server communication is generally not required, but strongly recommended. As soon as you run the server with apm-server.ssl.enabled=true all agents need to connect via HTTPS. The configuration of SSL has no impact on distributed tracing (recording a trace over frontend and backend services).
When using the RUM agent, you do not configure the certificate directly in the agent, but in the browser.
It looks like you have configured an http endpoint instead of https for the APM Server. The RUM documentation shows how to configure the APM Server endpoint.
question.1
Is a certificate required between apm agent and apm server?
As Silvia said, generally not required but recommended.
In your specific case, however: since the frontend application is serving requests over HTTPS, you will need to enable TLS in apm-server for the RUM agent to be able to send data successfully. This is a requirement specific to browser/frontend applications.
question.2
Does the apm agent on the frontend application need to use the same certificate as the frontend?
The APM agent doesn't need to use a certificate, the APM server does. They do not need to be the same, but they could be if they run on the same host (or if you use a reverse proxy). As long as the browser can verify the server certificate, then it will work.
If apmserver enables https, then my other backend applications do not use https. Does it affect them?
You will need to configure the agents for the backend applications to communicate with the APM Server using TLS. Whether the backend application uses HTTPS or not doesn't matter.
I use the certificate generated by "elasticsearch-certutil http", can apmserver use it to enable https?
Yes, but you will need to install the CA certificate in your browser then. I generally would not recommend this approach, but it depends on your application and userbase.
How did you generate the frontend certificate? Is the frontend accessible through the internet, or is this an intranet application?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.