Hi Scrilling,
First of all I'm not sure if I have to use: ent_search.auth.source o ent_search.auth.elastic.source I have tried both with elasticsearch-native but It doesn't works. I have the same result.
This is my elasticsearch.yml:
---------------------------------- Cluster -----------------------------------
Use a descriptive name for your cluster:
cluster.name: elasticsearchcluster
------------------------------------ Node ------------------------------------
Use a descriptive name for the node:
node.name: master01
----------------------------------- Paths ------------------------------------
Path to directory where to store the data (separate multiple locations by comma):
path.data: /var/lib/elasticsearch
Path to log files:
path.logs: /var/log/elasticsearch
---------------------------------- Network -----------------------------------
Set the bind address to a specific IP (IPv4 or IPv6):
network.host: 0.0.0.0
Set a custom port for HTTP:
http.port: 9200
--------------------------------- Discovery ----------------------------------
discovery.seed_hosts: ["myIP"]
Bootstrap the cluster using an initial set of master-eligible nodes:
cluster.initial_master_nodes: ["master01"]
Transport layer
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.key: /etc/elasticsearch/certs/elasticsearch.key
xpack.security.transport.ssl.certificate: /etc/elasticsearch/certs/elasticsearch.crt
xpack.security.transport.ssl.certificate_authorities: [ "/etc/elasticsearch/certs/ca/ca.crt" ]
HTTP layer
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.verification_mode: certificate
xpack.security.http.ssl.key: /etc/elasticsearch/certs/elasticsearch.key
xpack.security.http.ssl.certificate: /etc/elasticsearch/certs/elasticsearch.crt
xpack.security.http.ssl.certificate_authorities: [ "/etc/elasticsearch/certs/ca/ca.crt" ]
xpack.security.enabled: true
This is the kibana.yml:
Kibana is served by a back end server. This setting specifies the port to use.
server.port: 5601
server.host: "myIP"
The URLs of the Elasticsearch instances to use for all your queries.
elasticsearch.hosts: ["https://myIP:9200"]
App Search configuracio
enterpriseSearch.host: 'http://myIP:3002'
Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
These settings enable SSL for outgoing requests from the Kibana server to the browser.
server.ssl.enabled: true
Enables you to specify a file where Kibana stores log output.
logging.dest: /var/log/kibana.log
Set the value of this setting to true to suppress all logging output.
logging.silent: false
Set the value of this setting to true to suppress all logging output other than error messages.
logging.quiet: false
Elasticsearch from/to Kibana
elasticsearch.ssl.certificateAuthorities: ["/etc/kibana/certs/ca/ca.crt"]
elasticsearch.ssl.certificate: "/etc/kibana/certs/kibana.crt"
elasticsearch.ssl.key: "/etc/kibana/certs/kibana.key"
Browser from/to Kibana
server.ssl.certificate: "/etc/kibana/certs/kibana.crt"
server.ssl.key: "/etc/kibana/certs/kibana.key"
xpack.security.enabled: true
elasticsearch.username: elastic
elasticsearch.password: ExV.......
And this is the enterprsie-search.yml:
---------------------------------- Secrets ----------------------------------
Encryption keys to protect your application secrets. This field is required.
secret_management.encryption_keys: [c63819da4669701559067edc2c110e63bbdb9012c14738add9d36438f0f21d14]
------------------------------- Elasticsearch -------------------------------
allow_es_settings_modification: true
Elasticsearch credentials:
elasticsearch.username: elastic
elasticsearch.password: Ex....
Elasticsearch full cluster URL:
elasticsearch.host: https://myIP:9200
Elasticsearch SSL settings:
elasticsearch.ssl.enabled: true
elasticsearch.ssl.certificate: "/usr/share/enterprise-search/certs/enterprise-search.crt"
elasticsearch.ssl.certificate_authority: "/usr/share/enterprise-search/certs/ca/ca.crt"
elasticsearch.ssl.key: "/usr/share/enterprise-search/certs/enterprise-search.key"
elasticsearch.ssl.key_passphrase: PlQrgSofx0ubFJGDUzrI
elasticsearch.ssl.verify: false
------------------------------- Hosting & Network ---------------------------
ent_search.external_url: http://myIP:3002
ent_search.listen_host: myIP
ent_search.listen_port: 3002
------------------------------ Authentication -------------------------------
ent_search.auth.source: elasticsearch-native #standard
---------------------------------- TLS/SSL ----------------------------------
Configure TLS/SSL encryption.
ent_search.ssl.enabled: true
ent_search.ssl.keystore.path: "/usr/share/enterprise-search/certs/enterprise-search.key"
ent_search.ssl.keystore.password: XXXXXXX
---------------------------------- Session ----------------------------------
Set a session key to persist user sessions through process restarts.
secret_session_key: 4ccb10475b2574d49ea3e67965f4d5c0e7f64e3d83adb9cfaa49817f5eeac4480fd552f658247ca4c789d989c73e67ba5ec0edebd4f09dfcd7d2268d1710ff6f
Thanks,
rams