I'm unable to open kibana as elastic-search is irresponsive as I made changes to elasticsearch.yml for SSL authentication.
On dashboard on webpage i get "Cannot connect to the Elasticsearch cluster".
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
labuser@illumni8:/root/elasticsearch-7.1.1/config$ curl -v 'https://10.27.0.4:9200'
Expire in 0 ms for 6 (transfer 0x55e27d9cf5c0)
Trying 10.27.0.4...
TCP_NODELAY set
Expire in 200 ms for 4 (transfer 0x55e27d9cf5c0)
Connected to 10.27.0.4 (10.27.0.4) port 9200 (#0)
ALPN, offering h2
ALPN, offering http/1.1
successfully set certificate verify locations:
CAfile: none
CApath: /etc/ssl/certs
TLSv1.3 (OUT), TLS handshake, Client hello (1):
TLSv1.3 (IN), TLS handshake, Server hello (2):
TLSv1.2 (IN), TLS handshake, Certificate (11):
TLSv1.2 (OUT), TLS alert, unknown CA (560):
SSL certificate problem: unable to get local issuer certificate
Closing connection 0
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: curl - SSL CA Certificates
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
On elasticsearch logs , I get
[2019-08-07T23:02:29,687][WARN ][o.e.h.AbstractHttpServerTransport] [illumni8] caught exception while handling client http traffic, closing connection Netty4HttpChannel{localAddress=0.0.0.0/0.0.0.0:9200, remoteAddress=/10.27.0.4:42440}
[2019-08-07T23:02:28,702][WARN ][o.e.h.AbstractHttpServerTransport] [illumni8] caught exception while handling client http traffic, closing connection Netty4HttpChannel{localAddress=0.0.0.0/0.0.0.0:9200, remoteAddress=/127.0.0.1:41492}
io.netty.handler.codec.DecoderException: io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record: 48454144202f20485454502f312e310d0a417574686f72697a6174696f6e3a2042617369632064584e6c636a707759584e7a643239795a413d3d0d0a486f73743a203132372e302e302e313a393230300d0a436f6e74656e742d4c656e6774683a20300d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a0d0a
I am following this thread from your last post "Unable to configure 'x-pack security' under basic license. I am working on a similar setup in Kubernetes elastic(3-node) v7.1.0 and kibana. I am in the early state of setup, going through the parameters for elasticsearch.yml. I don't see the license parameter in your file, are you still doing it with basic license.
xpack.license.self_generated.type: "basic"
Another thing, I am getting some weird errors while generating certs on k8s hosts. Did you face any issues there?
This is just a client ( could be Kibana or a browser request ) attempting to connect to Elasticsearch over http when Elasticsearch is already configured to expect connections with http over TLS
Looks like you didn't solve that problem, instead you just disabled security in Elasticsearch with
xpack.security.enabled: false
The changes you made to Kibana also, have nothing to do with the communication between Kibana and Elasticsearch but with the communication between your browser and Kibana.
I would urge you to go through and read the available documetation ( Setting up TLS on a cluster | Elasticsearch Guide [7.3] | Elastic) in detail before moving forward with the rest of the configuration. It is a small upfront time investment that will pay off significantly when you actually try and configure this when knowing what needs to be configured and how ! We'll be happy to help with specific issues then
I'm not sure if this helps, but we had some problems around ES+Kibana setup after enabling authentication.
At first we enabled an anonymous user on ES, with superuser role, and everything went fine. Then we changed the role of the anonymous user and Kibana started to have problems. It was because we didn't add the ES username+password to the kibana config file and that's needed from Kibana to perform some operations on startup.
AFter that, everything works fine.
edit: ahhh, your problems seems to be around connection issues and not auth issues. Then probably my answer is not helpful at all at the moment
On further looking at logs [2019-08-09T10:00:22,692][WARN ][o.e.h.AbstractHttpServerTransport] [node-1] caught exception while handling client http traffic, closing connection Netty4HttpChannel{localAddress=0.0.0.0/0.0.0.0:9200, remoteAddress=/172.27.0.5:65296}
This remote address is uknown to me, where is remoteaddress info picked on?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.