Custom certificate authority for Elasticsearch connection

[biolds]

Hello,

I'm trying to make Evebox connect to an Elasticsearch server using https with a certificate signed by a custom CA. I keep getting the following error:

2022-08-12 10:13:11 WARN rustls::conn: Sending fatal alert BadCertificate
2022-08-12 10:13:11 WARN evebox::server::main: Failed to get Elasticsearch version, will try again: Reqwest(reqwest::Error { kind: Request, url: Url { scheme: "https", cannot_be_a_base: false, username: "", password: None, host: Some(Domain("es-server")), port: Some(9200), path: "/", query: None, fragment: None }, source: hyper::Error(Connect, Custom { kind: Other, error: Custom { kind: InvalidData, error: InvalidCertificateData("invalid peer certificate: UnknownIssuer") } }) })

I was wondering if there is an option, an environment variable or any way to set a trusted CA.

Thanks

[jasonish]

No really yet. You can use the -k command line option to disable certificate validation.

Or if you try the latest development build, you can add your CA to your operating system's trusted CAs and EveBox should pick that up as well.

But right now there is no option to specify it within EveBox itself. I do plan to do this tho.