Certificate error X509

[Ibrahim Maqatef]

Hi support team, 

I have distributed deployment in different virtual machines (wazuh-indexer, wazuh-server and wazuh-dashboard) with IP 192.168.0.0/24 and I followed the same procedures in the wazuh website and it was successfully.

then I moved the above virtual machined from test environment to production but with different IPs as follows :

wazuh-indexer and wazuh-server are 172.22.71.0/24

wazuh-dashboard is 172.22.64.0/24

after that i followed the procedures in the wazuh website to generate new certificates and applied to all VM machines , but unfortunately once I tried to test 

filebeat test output command , gave me message ERROR x509 certificate is not valid for any name 

please advise and suggest 

Regards,

[Gabriel Diaz Lopez de la Llave]

Hello,

Did you re-use the certificates created in the testing environment? If you did so, I would suggest you create new ones, either using the Installing the Wazuh server using the assistant - Wazuh server or  Certificates deployment - User manual · Wazuh documentation guides. 

Certificates are bound to names and/or IP addresses, if you change names or/and IP addresses, then the certificates are no longer valid, and you need to create new ones, configured for those IPs.

Also,  ensure all VMs have the same date and time (use ntp or something similar) because this is also a source of problems when validating certificates.

Can you share with us which wazuh version are you testing?

Gabriel

[Ibrahim Maqatef]

HI Gabrie, 

thank you so much for your support, it is working now 

Thanks