I have a cloudflare wildcard ssl for my organization that i have configured on my elasticsearch and Kibana as follows:
'''''''''
Elasticsearch
# Enable security features
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
enabled: true
key: certs/elk_elula/cf_privkey.pem
certificate: certs/elk_elula/cf_fullchain.pem
verification_mode: certificate
certificate_authorities: ["/etc/elasticsearch/certs/elk_elula/cf_fullchain.pem"]
# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
enabled: true
key: certs/elk_elula/cf_privkey.pem
certificate: certs/elk_elula/cf_fullchain.pem
verification_mode: certificate
certificate_authorities: ["/etc/elasticsearch/certs/elk_elula/cf_fullchain.pem"]
Kibana:
''''''''
# =================== System: Kibana Server (Optional) ===================
# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
# These settings enable SSL for outgoing requests from the Kibana server to the browser.
server.ssl.enabled: true
server.ssl.certificate: /etc/kibana/certs/kibana.elula.cloud/cf_fullchain.pem
server.ssl.key: /etc/kibana/certs/kibana.elula.cloud/cf_privkey.pem
server.ssl.certificateAuthorities: ["/etc/kibana/certs/kibana/cf_fullchain.pem"]
server.ssl.verification_mode: certificate
and its not working, when i curl i get this
''''''''
curl
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here:
'''''''
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
I have tried adding the RSA Cloudflare Root CA and ECC root CA with no joy
please help, been at it for many days