SSL Connection in watcher using Teams

Good morning,

I'm using watcher to send messages using the application "TEAMS" connected by a webhook, but when if I execute the action run perfectly, but when it is fire I have the next message:


"actions": [
      {
        "id": "MS_Teams",
        "type": "webhook",
        "status": "failure",
        "error": {
          "root_cause": [
            {
              "type": "s_s_l_exception",
              "reason": "Connection reset"
            }
          ],
          "type": "s_s_l_exception",
          "reason": "Connection reset",
          "caused_by": {
            "type": "socket_exception",
            "reason": "Connection reset"
          },
          "suppressed": [
            {
              "type": "socket_exception",
              "reason": "Broken pipe"
            }
          ]
        }
      }
    ]

Thanks!!

Have you imported SSL certs to make this work? If so, did you do this on all nodes?

Also, are all nodes allowed to connect to the teams endpoint? Or is there maybe a firewall stopping this.

Keep in mind that testing a watch via kibana or via the execute watch API might mean, that it is executed somewhere else, as if running in the background.

Hope that helps as a debugging start.

Hi @spinscale,

First of all thanks for the answer :slight_smile: I don't know where I can configure it... When I make the next instruction to get the differents certificates (GET _ssl/certificates) I get 2 PEMs + 1 internal certificate, but the node's certificate changes when I repeat the query....

    "path" : "node.crt",
    "format" : "PEM",
    "alias" : null,
    "subject_dn" : "CN=instance-0000000000.node.XXXX.cluster.local",
    "serial_number" : "YYYY",
    "has_private_key" : true,
    "expiry" : "2021-08-26T13:17:36.000Z"

-------

    "path" : "node.crt",
    "format" : "PEM",
    "alias" : null,
    "subject_dn" : "CN=instance-0000000004.node.XXXXX.cluster.local",
    "serial_number" : "YYYY",
    "has_private_key" : true,
    "expiry" : "2021-09-28T04:06:56.000Z"

Thanks!

Hm, that might indicate, that you have a different setup on each of your nodes. Maybe go with curl on the commandline run this against each of your nodes and compare the output.

These nodes are in elastic cloud, is possible get this information?