Hello community, I have setup an elk stack following the URL;
Run in Docker with TLS enabled
everything setup successfully with elastic default settings, but I want to configure Letsencrypt SSL for http instead of es01.crt.
For that I have created SSL using Letsencrypt and also deployed successfully on kibana, lines are given below;
ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES: $CERTS_DIR/ca/ca.crt
SERVER_SSL_ENABLED: "true"
SERVER_SSL_KEY: $CERTS_DIR/kib01/privkey.pem
SERVER_SSL_CERTIFICATE: $CERTS_DIR/kib01/fullchain.pem
but when I try with es01, es02 and es03 nodes, as given below;
- xpack.security.http.ssl.key=$CERTS_DIR/es02/privkey.pem
- xpack.security.http.ssl.certificate=$CERTS_DIR/es02/fullchain.pem
all the container launched successfully and in running state, but at browser I only see the message ;
"Kibana server is not ready yet"
and here are the lines from container logs;
kib01 container
"error","savedobjects-service"],"pid":1213,"message":"Unable to retrieve version information from Elasticsearch nodes. unable to get local issuer certificate"}
es01 container
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate"
anyone please guide me about it.