Comments (13)
just my two cents, if you start the docker-compose project, and you've made an error in your cert config:
- without having to completely remove all your containers,
- you can prune the affected volumes,
- edit your cert related actions in the docker-compose yml
- restart the cluster
from elastic-stack-docker-part-two.
Yeah I was fooled by the indentation in the yaml example for Advanced YAML configuration from Getting started with the Elastic Stack and Docker Compose: Part 2.
ssl:
certificate_authorities:
- |
Should be:
ssl:
certificate_authorities:
- |
from elastic-stack-docker-part-two.
Thank you for this great tutorial!
I did not get this working using the suggested method.
I did get it working by directly pointing to the certificate in the YAML config:
ssl.certificate_authorities: ["/certs/ca/ca.crt"]
from elastic-stack-docker-part-two.
Since this was asked directly to me: I did this in the user interface.
from elastic-stack-docker-part-two.
Disregard this issue. In the end it DID turn out to be a formatting error in the certificate yml.
from elastic-stack-docker-part-two.
thanks @olitooni and @ehogeweg!
For any future people following the guide:
Another error source for me were old certs
. So, I also removed all es-cluster
prefixed docker volumes like es-cluster_certs
.
from elastic-stack-docker-part-two.
Yeah I was fooled by the indentation in the yaml example for Advanced YAML configuration from Getting started with the Elastic Stack and Docker Compose: Part 2.
ssl: certificate_authorities: - |
Should be:
ssl: certificate_authorities: - |
Hi Are you sure there must be 5 spaces for the "- |" ?
from elastic-stack-docker-part-two.
Yeah I was fooled by the indentation in the yaml example for Advanced YAML configuration from Getting started with the Elastic Stack and Docker Compose: Part 2.
ssl: certificate_authorities: - |
Should be:
ssl: certificate_authorities: - |
Hi Are you sure there must be 5 spaces for the "- |" ?
Ah sorry. Corrected with another error. Fixed it now.
from elastic-stack-docker-part-two.
thanks @olitooni and @ehogeweg!
For any future people following the guide: Another error source for me were old
certs
. So, I also removed alles-cluster
prefixed docker volumes likees-cluster_certs
.
Do I just need to remove the variable "COMPOSE_PROJECT_NAME"? Can you please elaborate a little more on how the prefix affects the certs? Sorry, but for me is not quite clear what you want to transmit
from elastic-stack-docker-part-two.
When settings things up, docker creates volumes for the certs
. However, when you mess up and have to create new certificates you first have to remove the old certs
volumes otherwise you keep using the old ones and no new ones are generated.
from elastic-stack-docker-part-two.
When settings things up, docker creates volumes for the
certs
. However, when you mess up and have to create new certificates you first have to remove the oldcerts
volumes otherwise you keep using the old ones and no new ones are generated.
Oh I see. That's why the Fleet Server never "integrates" into Kibana because the ca.crt is not "updated". Thanks!
from elastic-stack-docker-part-two.
ssl.certificate_authorities: ["/certs/ca/ca.crt"]
Very nice!!!
from elastic-stack-docker-part-two.
I am using this setup with STACK_VERSION=8.15.0 and I was getting this error in the logs of the fleet-server:
"message":"no CA certificate matching the fingerprint","component":
To fix this I followed what was discussed here: https://discuss.elastic.co/t/elastic-agent-ca-trusted-fingerprint-does-not-working-but-the-certificate-works/362239/3
The output edit fields that worked to resolve that error:
from elastic-stack-docker-part-two.
Related Issues (6)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from elastic-stack-docker-part-two.