Thanks for your response!
Tried to fix things by proxying access to kibana along these lines:
Still had the same issue. Then, for giggles, I tried to log in from my iPhone, and igt worked. So, it seems to be an issue with Firefox:
Cookie “sid” does not have a proper “SameSite” attribute value.
Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”.
This means that the cookie will no longer be sent in third-party contexts.
If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it.
To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite
There don't be sufficient settings to relax security for a particular site (at least that I could find). But given the text in the error message, it would seem that I should expect other browsers to eventually act the same, as security is ramped up.
This makes me wonder, if I have some settings wrong in /etc/kibana/kibana.yml
Currently:
server.host: "localhost"
server.basePath: "/kibana"
server.rewriteBasePath: false
server.publicBaseUrl: "https://myhost.domain.tld/kibana"
server.name: "myhost.domain.tld"
and in the corresponding apache.conf:
### Elastic - Kibana server app
<Location /kibana/>
ProxyPass http://127.0.0.1:5601/
ProxyPassReverse http://127.0.0.1:5601/
</Location>
Anything that sticks out as wrong?