Hi,
Im trying to enable Fleet in Ingest Manager. And it say I have to enable this xpack.security.authc.api_key.enabled: true in elasticsearch.yml. But if add that line, I have to add bellow line too:
xpack.security.enabled: true
xpack.security.authc.api_key.enabled: true
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: /etc/elasticsearch/elastic-certificates.p12
xpack.security.http.ssl.truststore.path: /etc/elasticsearch/elastic-certificates.p12
xpack.security.http.ssl.client_authentication: optional
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/elastic-certificates.p12
And this is my config in kibana.yml
elasticsearch.hosts: ["https://localhost:9200"]
xpack.ingestManager.enabled: true
xpack.ingestManager.fleet.tlsCheckDisabled: true
#xpack.encryptedSavedObjects.encryptionKey: ""
xpack.security.enabled: true
elasticsearch.username: "elastic"
elasticsearch.password: "mypassword"
elasticsearch.ssl.verificationMode: certificate
elasticsearch.ssl.truststore.path: /etc/elasticsearch/elastic-certificates.p12
Both Kibana and Elasticsearch status after reboot is Active. I check elasticsearch log and got this response
[2020-11-18T14:56:42,401][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [node-1] http client did not trust this server's certificate, closing connection Netty4HttpChannel{localAddress=/:9200, remoteAddress=/:63845}
[2020-11-18T14:56:57,618][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [node-1] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/:9200, remoteAddress=:62987}
And I can't access Kibana web
This site can’t be reached
refused to connect.
Please help me. Thanks!