[Fleet] Add ES certificate authority fingerprint argument to Fleet Server install command #116620
Closed
1 of 2 tasks
Labels
required-for-8.0
This work is required to be done before 8.0 lands, bc it relates to a breaking change or similar.
Team:Fleet
Team label for Observability Data Collection Fleet team
v8.0.0
In order to support the new 'security on by default' configuration, we need to ensure that Fleet Server and Elastic Agent will trust self-signed certificates generated by Elasticsearch 8.0. To do this, the Fleet UI should add a sha256 fingerprint of the Elasticsearch's certificate authority to the
./elastic-agent install
commands provided to users in the UI.The fingerprint should be retrieved from the Fleet Server policy's output's
ca_trusted_fingerprint
property which will be populated automatically during Kibana setup in #120120Depends on
ca_sha256
to default Elasticsearch output in Fleet during setup for security on by default #120120This should be populated as a
--fleet-server-es-ca-trusted-fingerprint=<fingerprint>
flag.The text was updated successfully, but these errors were encountered: