We have developed a custom Kibana plugin, and it needs to call a REST API endpoint at another internal server of ours. We run Kibana on https since we need authentication, but we use a self-signed certificate since this is a private server. The service accepting the call can handle https, but so far also uses a self-signed certificate. As a result, the call fails due to "invalid" SSL certificate.
Any ideas on how we could circumvent this problem? In particular, are there any options that would instruct the httpClient to ignore invalid certificates, like the --no-check-certificate option of wget?
I know I could add an exception to the browser (but it is not very easy, since calling the API from within Kibana is not user-visible), or buy a commercial certificate, but I would like to explore less custom or expensive options first.
I think it would be easiest if you wrote a node script out side of kibana to perform the request and then you can move that code into the plugin. I'm not sure which httpClient you're using but I don't think anything thats kibana provided will do what you need. Here's some example code that will make a request using a client certificate - https://stackoverflow.com/questions/35478215/how-to-do-https-get-with-client-certificate-in-node
I created the plugin with the standard generator, so I am using the httpClient provided. It would be good to know what exactly this is, in case I can pass some options to make it ignore the self-signed certificate.
@nplatis the httpClient provided as part of the kibana plugin system is for making calls to the kibana server. You'll find what you need with node's https module.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.