Connecting Kibana to an OpenID provider without setting up TLS

Tom_Cook · December 10, 2021, 5:59pm

I've got a small Elasticsearch cluster (two nodes) running in docker along with Kibana. The only thing that's exposed outside of the docker network is the Kibana service on port 5601 - and that's only exposed to localhost, as I have a reverse proxy in front of it to provide TLS to clients.

Now I want to connect it to our OpenID provider but it seems that for that I need the elastic token service, and for that I have to configure TLS on everything in the stack. Really? What is TLS going to add here? Is there no way to enable the token service without TLS?

azasypkin · December 16, 2021, 1:38pm

Hey @Tom_Cook ,

Have you tried to set xpack.security.authc.token.enabled: true in elasticearch.yml explicitly? Does Elasticsearch still require TLS in this case?

Best,
Oleg

system · January 13, 2022, 1:39pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.