Skip to content

Commit 9d41d6c

Browse files
blakerousemergify-bot
blakerouse
authored and
mergify-bot
committed
Fix issue where --insecure didn't propogate to Fleet Server ES connection (#27969)
* Fix issue where --insecure didn't propogate to Fleet Server ES connection. * Add changelog. (cherry picked from commit cbbe8c2)
1 parent 8a94abc commit 9d41d6c

2 files changed

Lines changed: 10 additions & 1 deletion

File tree

x-pack/elastic-agent/CHANGELOG.next.asciidoc

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -82,6 +82,7 @@
8282
- Add validation for certificate flags to ensure they are absolute paths. {pull}27779[27779]
8383
- Migrate state on upgrade {pull}27825[27825]
8484
- Snapshot artifact lookup will use agent.download proxy settings. {issue}27903[27903] {pull}27904[27904]
85+
- Fix issue where --insecure didn't propogate to Fleet Server ES connection. {pull}27969[27969]
8586

8687
==== New features
8788

x-pack/elastic-agent/pkg/agent/cmd/enroll_cmd.go

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -263,6 +263,7 @@ func (c *enrollCmd) fleetServerBootstrap(ctx context.Context) (string, error) {
263263
c.options.FleetServer.ConnStr, c.options.FleetServer.ServiceToken,
264264
c.options.FleetServer.PolicyID,
265265
c.options.FleetServer.Host, c.options.FleetServer.Port,
266+
c.options.Insecure,
266267
c.options.FleetServer.Cert, c.options.FleetServer.CertKey, c.options.FleetServer.ElasticsearchCA,
267268
c.options.FleetServer.Headers,
268269
c.options.FleetServer.ProxyURL,
@@ -460,6 +461,7 @@ func (c *enrollCmd) enroll(ctx context.Context, persistentConfig map[string]inte
460461
c.options.FleetServer.ConnStr, c.options.FleetServer.ServiceToken,
461462
c.options.FleetServer.PolicyID,
462463
c.options.FleetServer.Host, c.options.FleetServer.Port,
464+
c.options.Insecure,
463465
c.options.FleetServer.Cert, c.options.FleetServer.CertKey, c.options.FleetServer.ElasticsearchCA,
464466
c.options.FleetServer.Headers,
465467
c.options.FleetServer.ProxyURL, c.options.FleetServer.ProxyDisabled, c.options.FleetServer.ProxyHeaders)
@@ -759,7 +761,7 @@ func storeAgentInfo(s saver, reader io.Reader) error {
759761

760762
func createFleetServerBootstrapConfig(
761763
connStr, serviceToken, policyID, host string,
762-
port uint16,
764+
port uint16, insecure bool,
763765
cert, key, esCA string,
764766
headers map[string]string,
765767
proxyURL string,
@@ -817,6 +819,12 @@ func createFleetServerBootstrapConfig(
817819
},
818820
}
819821
}
822+
if insecure {
823+
if cfg.Server.TLS == nil {
824+
cfg.Server.TLS = &tlscommon.Config{}
825+
}
826+
cfg.Server.TLS.VerificationMode = tlscommon.VerifyNone
827+
}
820828

821829
if localFleetServer {
822830
cfg.Client.Transport.Proxy.Disable = true

0 commit comments

Comments
 (0)