Skip to content

Add custom cert troubleshooting page to AutoOps for self-managed docs #4043

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 9 commits into from
Nov 25, 2025
Merged

Add custom cert troubleshooting page to AutoOps for self-managed docs #4043

merged 9 commits into from
Nov 25, 2025
+121 −0

Conversation

@wajihaparvez
Copy link
Contributor

@wajihaparvez wajihaparvez commented Nov 21, 2025

Summary

This PR adds a troubleshooting page to explain how to configure Elastic Agent with a custom SSL certificate. I added a new child page under the troubleshooting section to avoid overloading that page with info.

Closes https://github.com/elastic/opex-product/issues/666.

@wajihaparvez wajihaparvez self-assigned this Nov 21, 2025
@wajihaparvez wajihaparvez requested a review from a team as a code owner November 21, 2025 22:54
@github-actions
Copy link

github-actions bot commented Nov 21, 2025
edited
Loading

Vale Linting Results

Summary: 3 suggestions found

💡 Suggestions (3)
File Line Rule Message
deploy-manage/monitor/autoops/autoops-sm-custom-certification.md 15 Elastic.FutureTense 'will fail' might be in future tense. Write in the present tense to describe the state of the product as it is now.
deploy-manage/monitor/autoops/cc-cloud-connect-autoops-troubleshooting.md 26 Elastic.FirstPerson Avoid first-person pronouns such as 'my'.
deploy-manage/monitor/autoops/cc-cloud-connect-autoops-troubleshooting.md 170 Elastic.FirstPerson Avoid first-person pronouns such as 'my'.

@github-actions
Copy link

github-actions bot commented Nov 21, 2025
edited
Loading

🔍 Preview links for changed docs

@arnonst
Copy link

arnonst commented Nov 23, 2025
edited
Loading

@wajihaparvez

  1. When user select to see the option of adding a variable and not hardcode the CR part.
    We show this sentence with a codeblock:

The following codeblock shows what your final configuration should look like. This example uses the second option, hardcoding the file path.

I think this part should not appear if the user is using the variable option as it may confuse the user who choose a different implementation of the change

  1. We need to add the error x509 error "x509: certificate signed by unknown authority ..." also to the table

kilfoyle
kilfoyle approved these changes Nov 24, 2025
View reviewed changes
Copy link
Contributor

@kilfoyle kilfoyle left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! 🐇
Just a few super small suggestions.

@shainaraskas
Copy link
Collaborator

shainaraskas commented Nov 24, 2025

qq: should this be positioned as a troubleshooting page, or will some people come into this already knowing that they want a custom cert for elastic agent? wonder if we should take troubleshoot out of the title so people who already know what they want don't skip over this

@wajihaparvez
Copy link
Contributor Author

wajihaparvez commented Nov 24, 2025
edited
Loading

@shainaraskas that's a good point. I've asked for clarification of the exact use case and I'll update accordingly

Update: It can go either way. Users could come to this page if they run into trouble OR if they already know their custom certificate is not trusted by the host machine. So I've moved this page out of the troubleshooting section and reworked it a bit, but I've also linked to it from the Troubleshooting page.

@arnonst
Copy link

arnonst commented Nov 25, 2025

@wajihaparvez
regarding:

We need to add the error x509 error "x509: certificate signed by unknown authority ..." also to the table

lets use the following to update the table:

  • Error code: x509
  • Error message - Certificate signed by unknown authority
  • Description - Elastic Agent might not recognize your SSL certificate if it is signed by a custom or internal Certificate Authority (CA)

@wajihaparvez wajihaparvez merged commit 55ae752 into elastic:main Nov 25, 2025
8 checks passed
@wajihaparvez wajihaparvez deleted the custom-cert-autoops-sm branch November 25, 2025 21:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kilfoyle kilfoyle kilfoyle approved these changes

@pickypg pickypg Awaiting requested review from pickypg

@arnonst arnonst Awaiting requested review from arnonst

Assignees

@wajihaparvez wajihaparvez

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@wajihaparvez @arnonst @shainaraskas @kilfoyle