Hello,
Is it possible to set a ca cert along with the advanced.artifacts.global.base_url in the advanced settings for Elastic Defend, to be used when downloading from the security artifacts repository. Following the guide described here:
Configure offline endpoints and air-gapped environments | Elastic Security Solution [8.12] | Elastic
I only see options for ca cert options for "elasticsearch" and "users" (for fleet server), but non for the artifacts repo.
You are correct, unfortunately. There is no way to provide ca cert for security artifacts repository URL.
Note however, the artifacts themselves are RSA-signed so Elastic Defend won't accept any "untrusted" artifacts.
The only workaround for now to use https with custom self-signed ca would be to import it into cert store / key chain on all machines.
Configuration option will be provided in Kibana in 8.14.0
Awesome, thank you for the confirmation and progress!
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.