I was setting up the SSL certificates for Kibana, and when I tried to generate a enrollment token, using this command:
(as root) /usr/share/elasticsearch# bin/elasticsearch-create-enrollment-token -s kibana
I got the following error:
java.security.cert.CertificateException: No subject alternative names present
Looking some topics, I found out that to solve this I have to re-generate the certificate adding the SAN. But using certutil there's no mention to any option that allows to fill this field, except if I use the silent mode (that allows to set some parameters within a .yml that in the end results in filling the SAN field)
I don't want to create a .yml, because I'm doing in a single node cluster for only localhost server, and start all the process again of configuring the SSL connection.
Any Ideas why? How can I generate a proper certification using certutil in verbose mode?