Generating elastic stack certificates
90 views
Skip to first unread message
Todor Dimitrov
Nov 8, 2024, 3:48:00 AM11/8/24
to Wazuh | Mailing List
Hello,
with either --ca or --ca-cert/--ca-key to generate certificates., with exit code 64.
I tried following the guide to install Wazuh and Elastic stack all in one and i got to the part where i have to provide a CA to create the Elastic certificates but i get ERROR: Generating certificates without providing a CA is no longer supported.
Please first generate a CA with the 'ca' sub-command and provide the ca filewith either --ca or --ca-cert/--ca-key to generate certificates., with exit code 64.
I have generated a ca file but how and where do i "provide" it to generate the elastic certificates?
Regards,
Todor
Samson Olugbenga Idowu
Nov 8, 2024, 5:13:24 AM11/8/24
to Wazuh | Mailing List
Hello Todor,
You can use the following command to generate the certificates with the rootCA and Wazuh cert tool:
bash ./wazuh-certs-tool.sh -A ./root-ca.pem ./root-ca.key
You can download the Wazuh cert tool using:
Do let me know if this helps or if you require further assistance.
Regards,
Samson.
Thank you for choosing Wazuh.
You can use the following command to generate the certificates with the rootCA and Wazuh cert tool:
bash ./wazuh-certs-tool.sh -A ./root-ca.pem ./root-ca.key
You can download the Wazuh cert tool using:
Do let me know if this helps or if you require further assistance.
Regards,
Samson.
Message has been deleted
Todor Dimitrov
Nov 8, 2024, 8:45:07 AM11/8/24
to Wazuh | Mailing List
Hello Samson,
Thanks for your answer. I am currently stuck on /usr/share/elasticsearch/bin/elasticsearch-certutil cert ca --pem --in instances.yml --keep-ca-key --out ~/certs.zip command to generate the certificates in the certs.zip and it prompts me to Please enter the desired output file [elastic-certificates.p12] so i entered certs.zip but when i type the next command unzip ~/certs.zip -d ~/certs to unzip the file it says that it's not an archive file and gives this error End-of-central-directory signature not found. Either this file is not a zipfile, or it constitutes one disk of a multi-part archive. In the latter case the central directory and zipfile comment will be found on the last disk(s) of this archive. What am i doing worng? Please help!
Regards,
Todor
Todor Dimitrov
Nov 8, 2024, 9:09:31 AM11/8/24
to Wazuh | Mailing List
Hello Samson,
To give you an answer about the information you provided. I don't have Wazuh installed yet so when i run this bash ./wazuh-certs-tool.sh -A ./root-ca.pem ./root-ca.key i get an error: no configuration file found.
Regards,
Todor
On Friday 8 November 2024 at 12:13:24 UTC+2 Samson Olugbenga Idowu wrote:
Samson Olugbenga Idowu
Nov 12, 2024, 6:11:08 AM11/12/24
to Wazuh | Mailing List
Hello,
To understand better, you can refer to our documentation on certificate deployment.
Regards,
Samson.
To understand better, you can refer to our documentation on certificate deployment.
Regards,
Samson.
Reply all
Reply to author
Forward
0 new messages