Issue
I am trying to install ELK according to the official documentation. I am behind a corporate firewall using it's own certificate. Hence, during the first step, I am adding the public key using the --no-check-certificate option of wget.
However, after adding the repo to /etc/apt/sources.list.d/elastic-7.x.list, I get the following error running #apt-get update:
root@ubuntu:~# sudo apt-get update && sudo apt-get install elasticsearch
Hit:1 http://archive.ubuntu.com/ubuntu bionic InRelease
Hit:2 http://archive.ubuntu.com/ubuntu bionic-security InRelease
Hit:3 http://archive.ubuntu.com/ubuntu bionic-updates InRelease
Ign:4 https://artifacts.elastic.co/packages/7.x/apt stable InRelease
Err:5 https://artifacts.elastic.co/packages/7.x/apt stable Release
Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake: Error in the certificate verification. [IP: 151.101.14.222 443]
Reading package lists... Done
E: The repository 'https://artifacts.elastic.co/packages/7.x/apt stable Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
I tried adding [trusted=yes] to the .list file:
deb [trusted=yes] https://artifacts.elastic.co/packages/7.x/apt stable main
This however leads to even more errors while trying to update apt:
Ign:1 https://artifacts.elastic.co/packages/7.x/apt stable InRelease
Ign:2 https://artifacts.elastic.co/packages/7.x/apt stable Release
Ign:3 https://artifacts.elastic.co/packages/7.x/apt stable/main all Packages
Ign:4 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 Packages
Hit:5 http://archive.ubuntu.com/ubuntu bionic InRelease
Ign:6 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en_US
Ign:7 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en
Hit:8 http://archive.ubuntu.com/ubuntu bionic-security InRelease
Ign:9 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 c-n-f Metadata
Ign:10 https://artifacts.elastic.co/packages/7.x/apt stable/main all c-n-f Metadata
Hit:11 http://archive.ubuntu.com/ubuntu bionic-updates InRelease
Ign:3 https://artifacts.elastic.co/packages/7.x/apt stable/main all Packages
Ign:4 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 Packages
Ign:6 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en_US
Ign:7 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en
Ign:9 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 c-n-f Metadata
Ign:10 https://artifacts.elastic.co/packages/7.x/apt stable/main all c-n-f Metadata
Ign:3 https://artifacts.elastic.co/packages/7.x/apt stable/main all Packages
Ign:4 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 Packages
Ign:6 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en_US
Ign:7 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en
Ign:9 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 c-n-f Metadata
Ign:10 https://artifacts.elastic.co/packages/7.x/apt stable/main all c-n-f Metadata
Ign:3 https://artifacts.elastic.co/packages/7.x/apt stable/main all Packages
Ign:4 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 Packages
Ign:6 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en_US
Ign:7 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en
Ign:9 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 c-n-f Metadata
Ign:10 https://artifacts.elastic.co/packages/7.x/apt stable/main all c-n-f Metadata
Ign:3 https://artifacts.elastic.co/packages/7.x/apt stable/main all Packages
Ign:4 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 Packages
Ign:6 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en_US
Ign:7 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en
Ign:9 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 c-n-f Metadata
Ign:10 https://artifacts.elastic.co/packages/7.x/apt stable/main all c-n-f Metadata
Ign:3 https://artifacts.elastic.co/packages/7.x/apt stable/main all Packages
Ign:4 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 Packages
Ign:6 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en_US
Ign:7 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en
Ign:9 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 c-n-f Metadata
Ign:10 https://artifacts.elastic.co/packages/7.x/apt stable/main all c-n-f Metadata
Ign:3 https://artifacts.elastic.co/packages/7.x/apt stable/main all Packages
Err:4 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 Packages
Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake: Error in the certificate verification. [IP: 151.101.14.222 443]
Ign:6 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en_US
Ign:7 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en
Ign:9 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 c-n-f Metadata
Ign:10 https://artifacts.elastic.co/packages/7.x/apt stable/main all c-n-f Metadata
Reading package lists... Done
E: Failed to fetch https://artifacts.elastic.co/packages/7.x/apt/dists/stable/main/binary-amd64/Packages Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake: Error in the certificate verification. [IP: 151.101.14.222 443]
E: Some index files failed to download. They have been ignored, or old ones used instead.
Solution
I figured out how to do it: by extracting the SSL certificate which was imposed by the corporate firewall and adding it to the list of trusted certificates, I was resolved the issue:
echo -n | openssl s_client -showcerts -servername -connect github.com:443 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >> $(curl-config --ca)
Answered By - user1192748