error of Installing wazuh 4.14 cluster
52 views
Skip to first unread message
Lanny
Mar 7, 2026, 10:23:23 PMMar 7
to Wazuh | Mailing List
Hi, following installation guide to install wazuh on 3 servers to form a cluster, after configure config.yml and prepare to install indexer, it shows the following error message
Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake: Error in the certificate verification.
current server information
ubuntu 24.04 LTS (Noble Numbat)
any idea?
Lanny
Mar 7, 2026, 11:10:27 PMMar 7
to Wazuh | Mailing List
Hi,
And also have the following error message while perfome
bash wazuh-install.sh --wazuh-indexer node-1
ERROR: Cannot import Wazuh GPG key
Lanny 在 2026年3月8日 星期日上午11:23:23 [UTC+8] 的信中寫道:
hasitha.u...@wazuh.com
Mar 8, 2026, 5:00:25 AMMar 8
to Wazuh | Mailing List
Hi Lanny,
For a 3-node Wazuh cluster, the certs are generated from config.yml, and the docs are explicit that the node address used later must be the same one that was used when the certificates were created. Wazuh says to use the same node address from config.yml in the indexer config, and the node name passed to wazuh-install.sh --wazuh-indexer must also match the one used in config.yml.
That usually means one of these is wrong:
For a 3-node Wazuh cluster, the certs are generated from config.yml, and the docs are explicit that the node address used later must be the same one that was used when the certificates were created. Wazuh says to use the same node address from config.yml in the indexer config, and the node name passed to wazuh-install.sh --wazuh-indexer must also match the one used in config.yml.
That usually means one of these is wrong:
- The node-1 name in config.yml does not match the name you used in bash wazuh-install.sh --wazuh-indexer node-1
- The IP or DNS name in config.yml does not match what the node is actually using.
- You generated wazuh-install-files.tar / wazuh-certificates.tar from an old or incorrect config.yml
Let me know if you plan to install Wazuh central components on three different nodes or any other option?
I have tested that it's working fine on my end. Check the above details and try again from the beginning.
- nodes:
- # Wazuh indexer nodes
- indexer:
- - name: node-1
- ip: "<indexer-node-ip>"
- #- name: node-2
- # ip: "<indexer-node-ip>"
- #- name: node-3
- # ip: "<indexer-node-ip>"
- # Wazuh server nodes
- # If there is more than one Wazuh server
- # node, each one must have a node_type
- server:
- - name: wazuh-1
- ip: "<wazuh-manager-ip>"
- # node_type: master
- #- name: wazuh-2
- # ip: "<wazuh-manager-ip>"
- # node_type: worker
- #- name: wazuh-3
- # ip: "<wazuh-manager-ip>"
- # node_type: worker
- # Wazuh dashboard nodes
- dashboard:
- - name: dashboard
- ip: "<dashboard-node-ip>"
Replace <indexer-node-ip>, <wazuh-manager-ip>, and <dashboard-node-ip> according to your three servers and recreate the certificates. Make sure to use the same name you have used in the indexer: - name: node-1 in the config.yml to run the installation command: bash wazuh-install.sh --wazuh-indexer node-1
Ref: https://documentation.wazuh.com/current/installation-guide/wazuh-indexer/installation-assistant.html
Let me know the update on this.
Reply all
Reply to author
Forward
0 new messages