Cannot SIGHUP Kibana with SSL enabled

I have SSL enabled in kibana using "server.ssl.cert: /etc/opt/zookeeper/kafkapoc.pem" (and the associated key is also set). This works just fine and uses SSL. However, I just configured logrotate and when I send SIGHUP to the kibana process it logs that it is going to reconfigure logging and then exits

throw results.error;

ValidationError: child "server" fails because [child "ssl" fails because ["cert" is not allowed]]
at Object.exports.process (/usr/share/kibana/node_modules/joi/lib/errors.js:140:17)
at internals.Any._validateWithOptions (/usr/share/kibana/node_modules/joi/lib/any.js:649:25)
at root.validate (/usr/share/kibana/node_modules/joi/lib/index.js:102:23)
at Config._commit (/usr/share/kibana/src/server/config/config.js:113:35)
at Config.set (/usr/share/kibana/src/server/config/config.js:84:10)
at Config.extendSchema (/usr/share/kibana/src/server/config/config.js:57:10)

I can change logrotate to do stop/start to workaround this. I recently installed xpack and told it not to enable security (since I already had SSL enabled in my whole ELK / kafka / zookeeper environment. I am not sure if this happens without xpack. Anyways it seems wrong that restart does validation not done on startup.

@Badger this is caused because of a bug being tracked here. For the time being I'd recommend using elasticsearch.ssl.certificate if you'd like to use SIGHUP to restart the kibana process.

That would be server.ssl.certificate, but yes, that fixes the problem. Thanks!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.