If encryption is enabled on the Elasticsearch cluster, you need to connect to Elasticsearch via
HTTPS. If the certificate authority (CA) that signed your node certificates
is not in the host system’s trusted certificate authorities list, you also need
to add the path to the
.pem file that contains your CA’s certificate to the
APM Server configuration.
To configure a APM Server to connect to Elasticsearch via HTTPS, add the
protocol to all host URLs: