I am new to Elastic Stack, but well over 20 years as a Linux (Gentoo) User. I have set up Elasticsearch, Kibana and Logstash using https on a Virtualbox system with 2 Linux Servers. I now have Elasticsearch and Kibana on one machine and Logstash on another on my home network using Self Signed Certs. This is working.
I am trying to install Fleet Server onto the Logstash Server running RHEL8 from the Kibana/Elasticsearch Interface on an aarm64 device. I have tried both the 'Quick' and 'Advanced' methods, and they both fail with this error:
"Fleet Server - Error - x509: certificate signed by unknown authority","ecs.version":"1.6.0"}
Error: fleet-server failed: context canceled
Here is my install command from the Advanced Interface
sudo ./elastic-agent install -v --url=https://<LOGSTASH_SERVER>:8220 \
--fleet-server-es=https://<ELASTIC_SERVER_IP>:9200 \
--fleet-server-service-token=AAEAAWVsYXN0aWMvZmxlZXQtc2VydmVyL3Rva2VuLTE2Njc3MjEzOTAyMDQ6bjZ5ckk4Ry1RWVNTdUtpX05NU3hQdw \
--fleet-server-policy=fleet-server-policy \
--fleet-server-es-ca-trusted-fingerprint=508D7EF87489AEBDCCB68E5692E6836F01A1FD004590A1FCD21BDC2D6A112831 \
--insecure
I have tried this with and without the --insecure flag. Same problem.
I have tried with my own certs and letting the installer create it's own certs, but I get the same error.
I have tried the -v switch to get more output to help solve this, but I do not get anything to help. There is nothing in the /var/log/messages.
Help would be much appreciated.