Unable to verify leaf signature in Elastic Node

Hey guys,

I have an error in my Elastic node regarding the connection. I am self-hosting ElasticSearch instance on my server and I’m trying to connect to it using n8n Elastic node. But in the credentials while trying to connect to it, I get the connection error UNABLE_TO_VERIFY_LEAF_SIGNATURE. When trying to connect to the elastic instance from the browser or using HTTP request, it all works fine, but from the node I can’t connect to it. I’ve also tried to enable “Ignore SSL Issues” option, but the error was the same. Can you please suggest, what might the problem be? Thanks

Information on your n8n setup

  • n8n version:: 1.14.2
  • Database (default: SQLite):: default
  • n8n EXECUTIONS_PROCESS setting (default: own, main):: default
  • Running n8n via (Docker, npm, n8n cloud, desktop app):: Docker
  • Operating system:: Ubuntu 22.04

OK I figured it out. Posting solution in case anyone has the same problem.

Problem was that my server had a cert issued by the Let’s Encrypt issuer, but did not include a copy of that issuing cert. The problem is that, when you point that tool (N8N) at the server, there’s no way for the 2 of them to connect-the-dots. The chain is broken because neither the client or the server has a copy of the intermediate issuing certificate.
The tool trusts anything signed by ISRG, and the server has something that is signed by ISRG, but the only way to know that is if you have a copy of the Let’s Encrypt issuing cert (R3).

Grabbing the issuing cert (R3) from Let’s Encrypt and adding it to the cert chain in your ES instance.

curl -o ./lets-encrypt-r3.pem https://letsencrypt.org/certs/lets-encrypt-r3.pem

cat ./lets-encrypt-r3.pem >> config/certs/<CERTIFICATE_NAME>.pem

Solution was found here: Unable to verify the first certificate on postman - #3 by TimV - Elasticsearch - Discuss the Elastic Stack


This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.