Connect Kibana to ES with Shield

security

(Kev) #1

I have Elasticsearch running with Shield, and it is SSL enabled. When I start up Kibana, I get the error: Unable to connect to Elasticsearch at https://hostname:9200 . In the logs it shows that exception: SSLhandshakeexception null cert chain.
Kibana log shows: sslv3 alert bad certificate: SSL alert number 42

My kibana.yml file has

elasticsearch.username: ""kibana4-server"
elasticsearch.password: "password"
server.ssl.cert: cert.pen
server.ssl.key: newkey.pem

elasticsearch.ssl.cert: ?

elasticsearch.ssl.key: ?

My elasticsearch.yml has:

shield.transport.ssl:false
shield.http.ssl:true
shield.ssl.keystore.path: path/p.jks
shield.ssl.keystore.password: password

shield.ssl.truststore.path: path/alltrust.jks
shield.ssl.truststore.password: password

shield.http.ssl.client.auth: required

shield.authc.realms.pki1.type: pki
shield.authc.realms.pki1.truststore.path: path/alltrust.jks
shield.authc.realms.pki1.truststore.password: password


(system) #2