No TLS certificates shown in the kibana/uptime/certificate dashboard

[InbarShimshon]

Please post all questions and issues on https://discuss.elastic.co/c/beats
before opening a Github Issue. Your questions will reach a wider audience there,
and if we confirm that there is a bug, then you can open a new issue.

For security vulnerabilities please only send reports to security@elastic.co.
See https://www.elastic.co/community/security for more information.

Please include configurations and logs if available.

For confirmed bugs, please report:

• Version: 7.8.1
• Operating System:
• Discuss Forum URL:
• Steps to Reproduce:

Set up HB > LS > ES > Kibana with aim to see TLS certificate in Uptime.
Issue: While certificate shows in monitors while under TLS certificate it remains empty.

in heartbeat.yml settings are correct

heartbeat.monitors:
- type: tcp
 schedule: '@every 5s'
 name: inbartes
 hosts: ["inbar.test.test"]
 ports: [0000]
 ssl:
  certificate_authorities: ['/opt/certs/ca-int.pem']
  supported_protocols: ["TLSv1.0", "TLSv1.1", "TLSv1.2"]

tls.server.* fields are present:

From a test the conditions are the certificates shown in the kibana/uptime/certificate dashboard are as followed

GET heartbeat-8.0.0*/_search
{
  "from": 1,
  "size": 10,
  "query": {
    "bool": {
      "filter": [
        {
          "exists": {
            "field": "tls.server"
          }
        },
        {
          "range": {
            "monitor.timespan": {
              "gte": "now-5m",
              "lte": "now"
            }
          }
        }
      ]
    }
  },
  "_source": [
    "monitor.id",
    "monitor.name",
    "tls.server.x509.issuer.common_name",
    "tls.server.x509.subject.common_name",
    "tls.server.hash.sha1",
    "tls.server.hash.sha256",
    "tls.server.x509.not_after",
    "tls.server.x509.not_before"
  ],
  "collapse": {
    "field": "tls.server.hash.sha256",
    "inner_hits": {
      "_source": {
        "includes": [
          "monitor.id",
          "monitor.name",
          "url.full"
        ]
      },
      "collapse": {
        "field": "monitor.id"
      },
      "name": "monitors",
      "sort": [
        {
          "monitor.id": "asc"
        }
      ]
    }
  },
  "aggs": {
    "total": {
      "cardinality": {
        "field": "tls.server.hash.sha256"
      }
    }
  }
}

The suggestion was that maybe the spoiler here is this filter

{
          "range": {
            "monitor.timespan": {
              "gte": "now-5m",
              "lte": "now"
            }
          }
        }

I believe this is a bug

[elasticmachine]

Pinging @elastic/uptime (Team:Uptime)

[andrewvc]

This appears to have been caused by a versioning issue. The real issue here is that we can't render the page without the new tls.server.* fields which are only present in heartbeat 7.8+ . In a sense we need a design solution here, maybe a message to indicate that they need to upgrade heartbeat.

I think a simple way to do that would be, if there's an empty list, to have the empty state show a message stating "No Certificates found. Note: Certificates are only visible for Heartbeat 7.8+"