Certificate signed by unknown authority message

[robm82]

Hi - I am having an issue when attempting to run o365beat within a docker container if you could provide some assistance? At the point where it is running o365beat and attempting to authenticate with O365, it is saying that the certificate is signed by an unknown authority which is weird as when I inspected the cert it is signed with DigiCert:

This is my Dockerfile:

FROM ubuntu:latest
ADD https://github.com/counteractive/o365beat/releases/download/v1.5.1/o365beat-1.5.1-amd64.deb /tmp/

RUN  apt-get install /tmp/o365beat-1.5.1-amd64.deb

COPY o365beat.yml /etc/o365beat/
RUN chmod go-w /etc/o365beat/o365beat.yml
CMD [ "/usr/bin/o365beat" ]

Let me know if you need any further information, and thank you in advance for any help.

[chris-counteractive]

@robm82 I'll take a look today, thanks for the issue!

[chris-counteractive]

@robm82 we'll still be looking into this, but I just realized (a few months late) that filebeat now supports o365 with an official module, as of v7.7.0. It might be that's a better solution for you going forward. Thanks again for filing the issue, we'll wrap a fix in our final release if we can reproduce and diagnose.