Description
Description
Currently my system is down after the certificate expired. guess it was the http.p12?
Unfortunately there was no warning so i directly ran into the crash after updating the os.
--> guess some kind of warning in the UI might have prevented this?
Next i updated the "http" with the cert tool and copied the resulting files. Now the agent / fleet can no longer start due to:
┌─ fleet
│ └─ status: (STARTING)
└─ elastic-agent
├─ status: (DEGRADED) 1 or more components/units in a failed state
└─ fleet-server-default
├─ status: (HEALTHY) Healthy: communicating with pid '1255'
├─ fleet-server-default
│ └─ status: (FAILED) Error - failed version compatibility check with elasticsearch: x509: certificate signed by unknown authority
└─ fleet-server-default-fleet-server-fleet_server-bad6ee92-babd-4f47-a612-eb78cb0f27ea
└─ status: (FAILED) Error - failed version compatibility check with elasticsearch: x509: certificate signed by unknown authority
No idea how to fix this, no manual in sight. Agent had been installed with "--insecure" and i wonder why this setting got lost.
--> it would really be helpfull if there's either better documentation "how to update / replace expired certificate" or much better a script surrounding the cert tool that is able to not only create the new cert but "distribute" it to the right locations.
Any yes - i used the existing CA.