Hey @Daud_Ahmed,
I guess that curl works there because with the -k option it is not validating certificates.
If you want to have the same behaviour in Filebeat (not recommended for production environments), then you can use the following option, that disables certificates validation.
output.elasticsearch.ssl.verification_mode: 'none'
Regarding the error cannot validate certificate for xx.xx.xx.xxbecause it doesn't contain any IP SANs., it indicates that your server is using a certificate that cannot be validated for IP addresses, but you are using an IP address to connect to it. You would need to do one of these things:
- Regenerate the server certificate, including the IP as the alternate name.
- Configure filebeat to use one of the names included in the certificate.
In both cases, if you are signing these server certificates, you will need to use output.elasticsearch.ssl.certificate_authorities option to indicate the certificate authority.
The certificate and key options are used for client validation. That doesn't seem to be required in your case.