Hi,
I have the same Problem in version 9.1
I have added the pemchaim to /usr/share/kibana/bin/kibana
(see last line)
#!/bin/sh
SCRIPT=$0
# SCRIPT may be an arbitrarily deep series of symlinks. Loop until we have the concrete path.
while [ -h "$SCRIPT" ] ; do
ls=$(ls -ld "$SCRIPT")
# Drop everything prior to ->
link=$(expr "$ls" : '.*-> \(.*\)$')
if expr "$link" : '/.*' > /dev/null; then
SCRIPT="$link"
else
SCRIPT=$(dirname "$SCRIPT")/"$link"
fi
done
DIR="$(dirname "${SCRIPT}")/.."
CONFIG_DIR=${KBN_PATH_CONF:-"$DIR/config"}
test_node() {
test -x "$NODE"
if [ ! -x "$NODE" ]; then
echo "unable to find usable node.js executable."
exit 1
fi
}
if [ -f "${CONFIG_DIR}/node.options" ]; then
KBN_NODE_OPTS="$(grep -v ^# < ${CONFIG_DIR}/node.options | xargs)"
fi
NODE="${DIR}/node/glibc-217/bin/node"
test_node
# Enable capturing heap snapshots. See https://nodejs.org/api/cli.html#--heapsnapshot-signalsignal
# For now only on POSIX platforms, term signals work differently on Windows.
NODE_OPTIONS_HEAPSNAPSHOT_DEFAULT="${NODE_OPTIONS_HEAPSNAPSHOT_DEFAULT:---heapsnapshot-signal=SIGUSR2 --diagnostic-dir=$DIR/data}"
NODE_OPTIONS="--no-warnings --max-http-header-size=65536 $NODE_OPTIONS_HEAPSNAPSHOT_DEFAULT $KBN_NODE_OPTS $NODE_OPTIONS" NODE_ENV=production exec "${NODE}" "${DIR}/src/cli/dist" "${@}"
NODE_EXTRA_CA_CERTS="/etc/kibana/CA_Bundle_2024.pem"
After that I restarted kibana and elasticsearch …
The error remained:
Error connecting to package registry: request to https://epr.elastic.co/search?package=endpoint&prerelease=false&kibana.version=9.1.0&spec.min=2.3&spec.max=3.4 failed, reason: self-signed certificate in certificate chain"
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.11.0"},"@timestamp":"2025-08-07T09:41:13.008+02:00","message":"Failed to fetch latest version of synthetics from registry: Error connecting to package registry: request to https://epr.elastic.co/search?package=synthetics&prerelease=false&kibana.version=9.1.0&spec.min=2.3&spec.max=3.4 failed, reason: self-signed certificate in certificate chain","log":{"level":"ERROR","logger":"plugins.fleet"},"process":{"pid":30324,"uptime":47.262371184},"trace":{"id":"29410b255c452cc674ed55dc9066bbe4"},"transaction":{"id":"f392a7355955495e"}}
{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.11.0"},"@timestamp":"2025-08-07T09:41:13.013+02:00","message":"Failed to fetch latest version of endpoint from registry: Error connecting to package registry: request to https://epr.elastic.co/search?package=endpoint&prerelease=false&kibana.version=9.1.0&spec.min=2.3&spec.max=3.4 failed, reason: self-signed certificate in certificate chain","log":{"level":"ERROR","logger":"plugins.fleet"},"process":{"pid":30324,"uptime":47.267121124},"trace":{"id":"29410b255c452cc674ed55dc9066bbe4"},"transaction":{"id":"f392a7355955495e"}}
Fleet is not activated on the instance …
Thank you very much for a short feedback.
Best regards
EI