{"log.level":"error","@timestamp":"2024-01-25T14:40:54.353Z","log.origin":{"file.name":"coordinator/coordinator.go","file.line":557},"message":"Unit state changed fleet-server-default (STARTING->FAILED): Error - failed version compatibility check with Elasticsearch: tls: failed to verify certificate: x509: certificate signed by unknown authority","log":{"source":"elastic-agent"},"component":{"id":"fleet-server-default","state":"HEALTHY"},"unit":{"id":"fleet-server-default","type":"output","state":"FAILED","old_state":"STARTING"},"ecs.version":"1.6.0"}
I've tried adding the --insecure flag and various other things, but without success. I'm using a self-signed certificate. I already have other elastic-agents working in the stack; the issue seems to be specifically with elastic-agent-complete via Docker.
**This is my first time using this forum; please let me know if I've done anything wrong.
I believe the insecure flag should work, not recommended for a production deployment because allows for man in the middle attacks on your infrastructure.
I'm not super familiar with this area but my guess is: I don't believe FLEET_SERVER_INSECURE is a valid setting. You'll want FLEET_SERVER_INSECURE_HTTP.
If your elasticsearch cluster is using a self-signed cert, you'll also want to provide the ca for the elasticsearch server via FLEET_SERVER_ELASTICSEARCH_CA
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.