Elasticsearch на Ubuntu 18.04.2 LTS: не имеет релизного файла

Question

Я пытаюсь установить ELK в соответствии с официальной документацией . Я за корпоративным брандмауэром, использующим собственный сертификат. Следовательно, на первом этапе я добавляю открытый ключ с помощью опции --no-check-certificate в wget.

Однако после добавления репо в /etc/apt/sources.list.d/elastic-7.x.list появляется следующая ошибка: #apt-get update:

root@ubuntu:~# sudo apt-get update && sudo apt-get install elasticsearch
Hit:1 http://archive.ubuntu.com/ubuntu bionic InRelease
Hit:2 http://archive.ubuntu.com/ubuntu bionic-security InRelease
Hit:3 http://archive.ubuntu.com/ubuntu bionic-updates InRelease
Ign:4 https://artifacts.elastic.co/packages/7.x/apt stable InRelease
Err:5 https://artifacts.elastic.co/packages/7.x/apt stable Release
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 151.101.14.222 443]
Reading package lists... Done
E: The repository 'https://artifacts.elastic.co/packages/7.x/apt stable Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

Я попытался добавить [trusted=yes] в файл .list:

deb [trusted=yes] https://artifacts.elastic.co/packages/7.x/apt stable main

Однако это приводит к еще большему количеству ошибок при попытке обновить apt:

Ign:1 https://artifacts.elastic.co/packages/7.x/apt stable InRelease
Ign:2 https://artifacts.elastic.co/packages/7.x/apt stable Release
Ign:3 https://artifacts.elastic.co/packages/7.x/apt stable/main all Packages
Ign:4 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 Packages
Hit:5 http://archive.ubuntu.com/ubuntu bionic InRelease
Ign:6 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en_US
Ign:7 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en
Hit:8 http://archive.ubuntu.com/ubuntu bionic-security InRelease
Ign:9 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 c-n-f Metadata
Ign:10 https://artifacts.elastic.co/packages/7.x/apt stable/main all c-n-f Metadata
Hit:11 http://archive.ubuntu.com/ubuntu bionic-updates InRelease
Ign:3 https://artifacts.elastic.co/packages/7.x/apt stable/main all Packages
Ign:4 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 Packages
Ign:6 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en_US
Ign:7 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en
Ign:9 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 c-n-f Metadata
Ign:10 https://artifacts.elastic.co/packages/7.x/apt stable/main all c-n-f Metadata
Ign:3 https://artifacts.elastic.co/packages/7.x/apt stable/main all Packages
Ign:4 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 Packages
Ign:6 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en_US
Ign:7 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en
Ign:9 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 c-n-f Metadata
Ign:10 https://artifacts.elastic.co/packages/7.x/apt stable/main all c-n-f Metadata
Ign:3 https://artifacts.elastic.co/packages/7.x/apt stable/main all Packages
Ign:4 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 Packages
Ign:6 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en_US
Ign:7 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en
Ign:9 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 c-n-f Metadata
Ign:10 https://artifacts.elastic.co/packages/7.x/apt stable/main all c-n-f Metadata
Ign:3 https://artifacts.elastic.co/packages/7.x/apt stable/main all Packages
Ign:4 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 Packages
Ign:6 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en_US
Ign:7 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en
Ign:9 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 c-n-f Metadata
Ign:10 https://artifacts.elastic.co/packages/7.x/apt stable/main all c-n-f Metadata
Ign:3 https://artifacts.elastic.co/packages/7.x/apt stable/main all Packages
Ign:4 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 Packages
Ign:6 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en_US
Ign:7 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en
Ign:9 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 c-n-f Metadata
Ign:10 https://artifacts.elastic.co/packages/7.x/apt stable/main all c-n-f Metadata
Ign:3 https://artifacts.elastic.co/packages/7.x/apt stable/main all Packages
Err:4 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 Packages
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 151.101.14.222 443]
Ign:6 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en_US
Ign:7 https://artifacts.elastic.co/packages/7.x/apt stable/main Translation-en
Ign:9 https://artifacts.elastic.co/packages/7.x/apt stable/main amd64 c-n-f Metadata
Ign:10 https://artifacts.elastic.co/packages/7.x/apt stable/main all c-n-f Metadata
Reading package lists... Done
E: Failed to fetch https://artifacts.elastic.co/packages/7.x/apt/dists/stable/main/binary-amd64/Packages  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 151.101.14.222 443]
E: Some index files failed to download. They have been ignored, or old ones used instead.

Answer 1

Я разобрался, как это сделать: извлекая SSL-сертификат, который был установлен корпоративным брандмауэром и добавляя его в список доверенных сертификатов, я решил проблему:

echo -n | openssl s_client -showcerts -servername -connect github.com:443 2>/dev/null  | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'  >> $(curl-config --ca)