Is there any ways to use the encrypted private key for SSL in Kibana? Encrypted private key can be stored in Windows Certificate Store, then Kibana can retrieve the key from that to use.
Currently, I use the decrypted private key. But my system admin don't want it because private key can be stolen and use to fake our site by attacker.
you can very well do that.create two certificates one certificate and other its key.and provide the path-the below config lines are already in kibana.server.ssl.enabled: true
server.ssl.key: /path/to/your/server.key
server.ssl.certificate: /path/to/your/server.crt
##if you want some already generated certificates
check for openssl version
cmd to run= openssl version
cmd to run = keytool
Which should print a list of available keytool commands. If this is not the case, check your JDK installation and make sure the keytool is on your PATH.
3)go to this path and download it : https://github.com/floragunncom/search-guard-ssl/tree/es-6.0.0
4)The script to execute is ./example.sh, located in the folder example-pki-scripts.
5)If for any reason you need to re-execute the script, execute ./clean.sh in the same directory first. This will remove all generated files automatically.
there you can find kibana certificates.copy kibana.pem and kibana.key and keep it in kibana directory.Provide the path in the above config lines mentioned.I am sure you can do this.It will work very well.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.