I am configuring "Elastic Stack" using a self-signed certificate.
Secure communication between Elasticsearch worked fine, but
Secure communication between Winlogbeat/Elasticsearch will result in an error.
Please teach me the "series of tasks" as specifically as possible, such as the certificate-related files and settings that should be kept on the Windows side.
▼ERROR Details
ERROR pipeline/output.go:100 Failed to connect to backoff(elasticsearch(https://xxx.xxx.xxx.xxx:9200)): Get https://xxx.xxx.xxx.xxx:9200: x509: certificate signed by unknown authority
▼Setting parameters for “output.elasticsearch” in “winlogbeat.yml” (excerpt)
output.elasticsearch:
hosts: ["xxx.xxx.xxx.xxx:9200", "xxx.xxx.xxx.xxx:9200", "xxx.xxx.xxx.xxx:9200"]
protocol: "https"
api_key: "id:api_key"
▼“winlogbeat.exe test config” execution command on Windows
.\winlogbeat.exe test config -c .\winlogbeat.yml -e
▼Execution results of "winlogbeat.exe test config" command on Windows
Config OK
▼“winlogbeat.exe” execution command on Windows
.\winlogbeat.exe -c .\winlogbeat.yml -e
▼Execution results of the “winlogbeat.exe” command on Windows
ERROR pipeline/output.go:100 Failed to connect to backoff(elasticsearch(https://xxx.xxx.xxx.xxx:9200)): Get https://xxx.xxx.xxx.xxx:9200: x509: certificate signed by unknown authority
INFO pipeline/output.go:93 Attempting to reconnect to backoff(elasticsearch(https://xxx.xxx.xxx.xxx:9200)) with 3 reconnect attempt(s)
My environment is as below
The server OS uses Ubuntu
Elasticsearch8.11 is configured redundantly with 3 units.
Winlogbeat is using 8.11
Please help me
regards
Thank you