We are running into an issue and thought I might get some help here.
We have deployed Elastic into Azure using the marketplace template and are able to establish encrypted connection between Kibana and the cluster with no issues. We also want an Azure function to be able to load data into Elastic, and we are running into issues with the TLS HTTP encryption when trying to connect to Elastic.
To install the certs on the nodes as part of deployment we followed instructions here and used a custom CA, which apparently allows the deploy process to create certs on the nodes.
When the function tries to connect to Elastic it gets the error
The remote certificate is invalid according to the validation procedure if we disable the HTTP encryption everything works fine. (We have the same issue with a custom web site trying to connect to Elastic.)
I assume the function does not like the cert because it doesn't trust the CA that was used to generate it.
I was hoping to get some guidance or best practices for what we're trying to accomplish, as we've been spinning on this for awhile now. Thank!