Cannot connect to opensearch.

[Khodesaeed]

Hi I implement a cluster of opensearch with self-sign certificate and I want to connect logagent to it. Unfortunately, I am getting this error message:

2021-11-18T06:35:03.962Z v3.0.72 pid[111195] Error in Elasticsearch request:  source="logsene-js" err={"code":"UNABLE_TO_VERIFY_LEAF_SIGNATURE","url":"https://admin:admin@opensearch-1-test.partdp.ir:9200/logging/_bulk"} /  code="UNABLE_TO_VERIFY_LEAF_SIGNATURE" url="https://admin:admin@opensearch-1-test.partdp.ir:9200/logging/_bulk"

Here is my output configuration:

output:
  secure-elasticsearch:
    module: elasticsearch
    url: "https://admin:admin@opensearch-1-test.example.com:9200"
    index: logging
    httpOptions:
      # key: /etc/sematext/client-key.pem
      # cert: /etc/sematext/client.pem
      # ca: /etc/sematext/root-ca.pem
      rejectUnauthorized: true

In addition, I already add that self-sign root-ca to the trusted list of the Linux OS by this command:

1.  cp root-ca.pem /usr/local/share/ca-certificates/root-ca.crt
2.  update-ca-certificate

Right now I am able to call all of the opensearch API with curl command without ignoring trusted-ca flag. example: curl https://admin:admin@opensearch-1-test.example.com:9200/

{
  "name" : "opensearch-1-test",
  "cluster_name" : "dungeon",
  "cluster_uuid" : "6CxqxTQ_SveBUfOHT0AkQA",
  "version" : {
    "distribution" : "opensearch",
    "number" : "1.1.0",
    "build_type" : "tar",
    "build_hash" : "15e9f137622d878b79103df8f82d78d782b686a1",
    "build_date" : "2021-10-04T21:29:03.079792Z",
    "build_snapshot" : false,
    "lucene_version" : "8.9.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "The OpenSearch Project: https://opensearch.org/"
}

UPDATE:

sorry for disturbing, I've solved the issue by running service by NODE_TLS_REJECT_UNAUTHORIZED=0 /usr/bin/logagent --config /etc/sematext/logagent.conf command.