I have followed this elastic blog for configuring SSL in the elastic stack and tried using verification mode as
certificate as well as
none in elastic's configuration YAML but when I am trying to set up a password using xpack I am getting this error
SSL connection to https://192.168.236.98:9200/_security/_authenticate?pretty failed: No subject alternative names matching IP address 192.168.236.98 found Please check the elasticsearch SSL settings under xpack.security.http.ssl.
The IP mentioned in the above error is my master pod IP. While generating ther certs I have given service dns name but
elasticsearch-setup-passwords is looking for pod IP instead of service DNS(elasticsearch-master.elk.svc.cluster.local).
I would be glad if someone could guide me and answer my following queries:
- How can I add pod IP in
Subject Alternative Namesas pod IP is not known before the deployment?
- Why verification mode
noneis not working as mentioned in the documentation:
none, which performs no verification of the server’s certificate.