wazuh-docker
wazuh-docker copied to clipboard
wazuh
Issue with certificate with version 4.4.1
HI,
I tried to upgrade my single node wazuh from 4.3.9 to 4.4.1.
However I am getting issue with the certificate of the indexer
pipeline/output.go:154 Failed to connect to backoff(elasticsearch(https://wazuh.indexer:9200)): Get "https://wazuh.indexer:9200": x509: certificate is valid for demo.indexer, not wazuh.indexer
I tried to starting from a fresh deployment, pruning all the wazuh containers and volumes, also re-generating the certificate using the default value, however I am getting the same error.
Everything was fine with version 4.3.9.
Something seems wrong with how the indexer is parsing the ssl certificate.
error from the wazuh manager :
ERROR [publisher_pipeline_output] pipeline/output.go:154 Failed to connect to backoff(elasticsearch(https://demo.indexer:9200)): Get "https://demo.indexer:9200": x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "Wazuh"
Same Problem here when upgrading wazuh docker from 4.3.10 to 4.4 or 4.4.1.
Same problem when upgrading wazuh docker from wazuh 4.3.10 to 4.4. How to Fix?
The config for opensearch in the wazuh.indexer container has moved to a new location.
It was:
/usr/share/wazuh-indexer/config/opensearch.yml
New path for 4.4.1:
/usr/share/wazuh-indexer/opensearch.yml
Also, certificates are now also mounted to the wazuh-home, that is, without the config directory:
/usr/share/wazuh-indexer/certs/wazuh.indexer.pem
SOLUTION: mounting configs and certs to the new path without folder "config"
I also advise everyone to look in the history of the docker-compose configuration file for new changes before updating https://github.com/wazuh/wazuh-docker/commits/master/single-node/docker-compose.yml
ADVICE TO DEVELOPERS: Please write changelog about new changes in the docker-compose configuration. Thanks
