Hello, I have some problem: I have a docker-compose with Elasticsearch, Kibana and Enterprise Search. all work locally but I need https to use connector with a custom domain name. When I try, I have an error:
"Safari can't open the page https://192.168.102.50:5601 because Safari can't establish a secure connection to the server 192.168.102.50"
I have a certificate and private key from letsencrypt. I don't know what I can do. can you help me?
here is my docker-compose
version: '2'
networks:
elastic:
driver: bridge
volumes:
elasticsearch:
driver: local
certs:
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.1
restart: unless-stopped
container_name: node1
environment:
cluster.name: my_cluster
node.name: node1"
discovery.type: single-node
ES_JAVA_OPTS: -Xms512m -Xmx512m
xpack.security.enabled: "true"
xpack.security.authc.api_key.enabled: "true"
xpack.security.audit.enabled: "true"
ELASTIC_PASSWORD: ${ELASTIC_PASSWORD}
xpack.security.transport.ssl.enabled: "true"
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.certificate: /usr/share/elasticsearch/config/certificates/fullchain.pem
xpack.security.transport.ssl.key: /usr/share/elasticsearch/config/certificates/privkey.pem
xpack.security.transport.ssl.certificate_authorities: /usr/share/elasticsearch/config/certificates/ca-certificates.crt
xpack.security.http.ssl.verification_mode: certificate
xpack.security.http.ssl.enabled: "true"
#xpack.security.http.ssl.client_authentication: optional
xpack.security.http.ssl.certificate_authorities: /usr/share/elasticsearch/config/certificates/ca-certificates.crt
xpack.security.http.ssl.key: /usr/share/elasticsearch/config/certificates/privkey.pem
xpack.security.http.ssl.certificate: /usr/share/elasticsearch/config/certificates/fullchain.pem
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- elasticsearch:/usr/share/elasticsearch/data
- /home/lenaic/ela/certs:$CERTS_DIR
ports:
- 9200:9200
networks:
- elastic
ent-search:
image: docker.elastic.co/enterprise-search/enterprise-search:7.17.1
restart: unless-stopped
depends_on:
- "elasticsearch"
environment:
- "JAVA_OPTS=-Xms512m -Xmx512m"
- "ENT_SEARCH_DEFAULT_PASSWORD=${ELASTIC_PASSWORD}"
- "elasticsearch.username=elastic"
- "elasticsearch.password=${ELASTIC_PASSWORD}"
- "elasticsearch.host=https://elastic.mirahi.cloud:9200"
- "allow_es_settings_modification=true"
- "secret_management.encryption_keys=[${SECRET_MANAGEMENT_ENCRYPTION}]"
- "elasticsearch.startup_retry.interval=15"
- "ent_search.external_url=http://elastic.mirahi.cloud:3002"
- "kibana.external_url=https://elastic.mirahi.cloud:5601"
- "elasticsearch.ssl.enabled:true"
- "elasticsearch.ssl.certificate:/usr/share/elasticsearch/config/certificates/fullchain.pem"
- "elasticsearch.ssl.key:/usr/share/elasticsearch/config/certificates/privkey.pem"
ports:
- 3002:3002
networks:
- elastic
kibana:
image: docker.elastic.co/kibana/kibana:7.17.1
restart: unless-stopped
depends_on:
- "elasticsearch"
- "ent-search"
ports:
- 5601:5601
environment:
ELASTICSEARCH_HOSTS: https://elastic.mirahi.cloud:9200
enterpriseSearch.host: https://elastic.mirahi.cloud:3002
ELASTICSEARCH_USERNAME: elastic
server.host: 192.168.102.50
server.name: elastic.mirahi.cloud
elasticsearch_url: "https://192.168.102.50:9200"
ELASTICSEARCH_PASSWORD: ${ELASTIC_PASSWORD}
enterpriseSearch.ssl.verificationMode: certificate
server.ssl.enable: "true"
server.ssl.certificate: /usr/share/elasticsearch/config/certificates/fullchain.pem
server.ssl.key: /usr/share/elasticsearch/config/certificates/privkey.pem
elasticsearch.ssl.certificate: /usr/share/elasticsearch/config/certificates/fullchain.pem
elasticsearch.ssl.verificationMode: certificate
#elasticsearch.ssl.certificateAuthorities: /usr/share/elasticsearch/config/certificates/ca-certificates.crt
elasticsearch.ssl.key: /usr/share/elasticsearch/config/certificates/privkey.pem
networks:
- elastic
volumes:
- /home/lenaic/ela/certs:$CERTS_DIR
#- certs:$CERTS_DIR