I've read this blog post which has been helpful in getting started: Custom Domain
However, due to various requirements on our end, I need to proxy our Elastic Cloud Kibana instance using AWS Route53/Cloudfront. And for this reason I'm writing this post.
I've managed to setup a distribution with my specific elastic/kibana instance URL as the origin. I also added the following two Request headers:
kbn-xsrf: kibana
x-found-cluster: {my-uid-kibana}
My custom domain passes all TLS verifications via curl and any browser including Qualsys tests. However, when I navigate to my custom domain I get:
{"statusCode":401,"error":"Unauthorized","message":"Unauthorized"}
If I navigate to my custom domain with /login appended then I get presented the login page. But once I login, it redirects back to my custom domain and returns the above 401 unauthorized error again.
I must be missing another request/response configuration to properly handle redirects after successfully logging in? I'm not sure.
Anyone able to help?