K
Q

Filebeat: Certificate signed by unknown authority

5/15/2019

I am getting this error from filebeat:

Failed to connect to backoff(elasticsearch(https://elk.example.com:9200)): Get https://elk.example.com:9200: x509: certificate signed by unknown authority

INFO pipeline/output.go:93 Attempting to reconnect to backoff(elasticsearch(https://elk.example.com:9200)) with 1468 reconnect attempt(s)

INFO [publish] pipeline/retry.go:189 retryer: send unwait-signal to consumer

INFO [publish] pipeline/retry.go:191 done

INFO [publish] pipeline/retry.go:166 retryer: send wait signal to consumer

INFO [publish] pipeline/retry.go:168 done

However, elasticsearch is having valid SSL by letsencrypt. (This is not a self-signed certificate).

Filebeat kubernetes config:

output.elasticsearch:
  hosts: ['${ELASTICSEARCH_HOST:elasticsearch}:${ELASTICSEARCH_PORT:9200}']
  username: ${ELASTICSEARCH_USERNAME}
  password: ${ELASTICSEARCH_PASSWORD}

I tried adding these parameters in config file and it worked. But, why do I need to bypass verification even if certificate is valid.

ssl.verification_mode: "none"
-- Ronak Patel
elasticsearch
filebeat
kubernetes
ssl

Similar Questions

run eclipse/che local image on kubernetes
Traefik ingress does not work with cluster IP
How to fix ImagePullBackOff with Kubernetespod?
Error while trying to do a kubernetes deployment from a private registry
Access kubernetes external IP from the internet
self-hosted posthog has been down right after I rebooted my vps

0 Answers