You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When using SearchGuard, all of the cluster listeners use https. This works when the hostname matches the certificate, but in HA/cloud environments there is often a load balancer (or DNS alias) in front of a pool of nodes instead. This means that the request is to localhost (or even to the internal name) but the certificate is from foo.bar.baz.
Without a flag to "accept any certificate", the integration cannot connect to the node.
OS
All of them
Amazon Linux, all versions
CentOS, version 6 or higher
Debian, version 7 ("Wheezy") or higher
Red Hat Enterprise Linux (RHEL), version 6 or higher
Ubuntu, versions 12.04, 14.04, and 16.04 (LTS versions)
Windows Server, 2008 and 2012 and their service packs
The text was updated successfully, but these errors were encountered:
This is currently a limitation of the newrelic/infra-integrations-sdk's built in HTTP client. It does not currently allow SSL without verifying the server certificate. A feature request has been logged for the SDK and we will update Elasticsearch once that feature is implemented.
Description of the problem
When using SearchGuard, all of the cluster listeners use https. This works when the hostname matches the certificate, but in HA/cloud environments there is often a load balancer (or DNS alias) in front of a pool of nodes instead. This means that the request is to
localhost
(or even to the internal name) but the certificate is from foo.bar.baz.Without a flag to "accept any certificate", the integration cannot connect to the node.
OS
The text was updated successfully, but these errors were encountered: