Open ehogeweg opened 7 months ago
Disregard this issue. In the end it DID turn out to be a formatting error in the certificate yml.
Yeah I was fooled by the indentation in the yaml example for Advanced YAML configuration from Getting started with the Elastic Stack and Docker Compose: Part 2.
ssl:
certificate_authorities:
- |
Should be:
ssl:
certificate_authorities:
- |
thanks @olitooni and @ehogeweg!
For any future people following the guide:
Another error source for me were old certs
. So, I also removed all es-cluster
prefixed docker volumes like es-cluster_certs
.
Yeah I was fooled by the indentation in the yaml example for Advanced YAML configuration from Getting started with the Elastic Stack and Docker Compose: Part 2.
ssl: certificate_authorities: - |
Should be:
ssl: certificate_authorities: - |
Hi Are you sure there must be 5 spaces for the "- |" ?
Yeah I was fooled by the indentation in the yaml example for Advanced YAML configuration from Getting started with the Elastic Stack and Docker Compose: Part 2.
ssl: certificate_authorities: - |
Should be:
ssl: certificate_authorities: - |
Hi Are you sure there must be 5 spaces for the "- |" ?
Ah sorry. Corrected with another error. Fixed it now.
thanks @olitooni and @ehogeweg!
For any future people following the guide: Another error source for me were old
certs
. So, I also removed alles-cluster
prefixed docker volumes likees-cluster_certs
.
Do I just need to remove the variable "COMPOSE_PROJECT_NAME"? Can you please elaborate a little more on how the prefix affects the certs? Sorry, but for me is not quite clear what you want to transmit
When settings things up, docker creates volumes for the certs
. However, when you mess up and have to create new certificates you first have to remove the old certs
volumes otherwise you keep using the old ones and no new ones are generated.
just my two cents, if you start the docker-compose project, and you've made an error in your cert config:
When settings things up, docker creates volumes for the
certs
. However, when you mess up and have to create new certificates you first have to remove the oldcerts
volumes otherwise you keep using the old ones and no new ones are generated.
Oh I see. That's why the Fleet Server never "integrates" into Kibana because the ca.crt is not "updated". Thanks!
Thank you for this great tutorial! I did not get this working using the suggested method.
I did get it working by directly pointing to the certificate in the YAML config: ssl.certificate_authorities: ["/certs/ca/ca.crt"]
Since this was asked directly to me: I did this in the user interface.
Hello,
I have followed the steps in the article to set up a fleet-server, but for some reason the fleet-server does not like the self signed certificate. I double checked all the environment variable flags and they appear correct. Or at least identical to the gitlab repo.
Any suggestions would be greatly appreaciated.
Cheers,
Erwin
FLEET env vars:
fleet-server log