Hi Team! I am trying to install ZeroSSL certificate on Elasticsearch and Kibana node with the domain (www.secure-unified.tk). I have obtained the certificate from the ZeroSSL and got three files (private.key, certificate.crt, ca_bundle.crt).
I have installed Elasticsearch and my elasticsearch.yml is given below
cluster.name: cyfen
node.name: cyfen-1
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
http.port: 9200
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
enabled: true
#keystore.path: certs/http.p12
verification_mode: certificate
key: /etc/elasticsearch/certs/secure-unified.tk/private.key
certificate: /etc/elasticsearch/certs/secure-unified.tk/certificate.crt
certificate_authorities: /etc/elasticsearch/certs/secure-unified.tk/ca_bundle.crt
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
#keystore.path: certs/transport.p12
#truststore.path: certs/transport.p12
key: /etc/elasticsearch/certs/secure-unified.tk/private.key
certificate: /etc/elasticsearch/certs/secure-unified.tk/certificate.crt
certificate_authorities: /etc/elasticsearch/certs/secure-unified.tk/ca_bundle.crt
cluster.initial_master_nodes: ["cyfen-1"]
Kibana configuration is give below:
server.port: 5601
server.host: "0.0.0.0"
server.ssl.enabled: true
server.ssl.certificate: /etc/kibana/certs/secure-unified.tk/certificate.crt
server.ssl.key: /etc/kibana/certs/secure-unified.tk/private.key
server.ssl.certificateAuthorities: /etc/kibana/certs/secure-unified.tk/ca_bundle.crt
elasticsearch.ssl.certificate: /etc/kibana/certs/secure-unified.tk/certificate.crt
elasticsearch.ssl.key: /etc/kibana/certs/secure-unified.tk/private.key
elasticsearch.ssl.certificateAuthorities: [ "/etc/kibana/certs/secure-unified.tk/ca_bundle.crt" ]
elasticsearch.ssl.verificationMode: full
logging:
appenders:
file:
type: file
fileName: /var/log/kibana/kibana.log
layout:
type: json
root:
appenders:
- default
- file
pid.file: /run/kibana/kibana.pid
xpack.encryptedSavedObjects.encryptionKey: 5999be05a95a396f8782572a5cd46c50
xpack.reporting.encryptionKey: 6abf107bb4e2788b7910e7908d485ef4
xpack.security.encryptionKey: 3f78d4020e749db3b7f2bcd7fea0afeb
xpack.security.session.idleTimeout: "1h"
Elasticsearch runs fine but Kibana doesn't start up it shows the following error:
Jan 26 08:52:02 elastic-security systemd[1]: Started Kibana.
Jan 26 08:52:04 elastic-security kibana[14282]: [2023-01-26T08:52:04.528+00:00][INFO ][node] Kibana process configured with roles: [background_tasks, ui]
Jan 26 08:52:14 elastic-security kibana[14282]: [2023-01-26T08:52:14.495+00:00][INFO ][plugins-service] Plugin "cloudChat" is disabled.
Jan 26 08:52:14 elastic-security kibana[14282]: [2023-01-26T08:52:14.495+00:00][INFO ][plugins-service] Plugin "cloudExperiments" is disabled.
Jan 26 08:52:14 elastic-security kibana[14282]: [2023-01-26T08:52:14.495+00:00][INFO ][plugins-service] Plugin "cloudFullStory" is disabled.
Jan 26 08:52:14 elastic-security kibana[14282]: [2023-01-26T08:52:14.495+00:00][INFO ][plugins-service] Plugin "cloudGainsight" is disabled.
Jan 26 08:52:14 elastic-security kibana[14282]: [2023-01-26T08:52:14.502+00:00][INFO ][plugins-service] Plugin "profiling" is disabled.
Jan 26 08:52:14 elastic-security kibana[14282]: [2023-01-26T08:52:14.586+00:00][INFO ][http.server.Preboot] http server running at https://0.0.0.0:5601
Jan 26 08:52:14 elastic-security kibana[14282]: [2023-01-26T08:52:14.647+00:00][INFO ][plugins-system.preboot] Setting up [1] plugins: [interactiveSetup]
Jan 26 08:52:14 elastic-security kibana[14282]: [2023-01-26T08:52:14.650+00:00][INFO ][preboot] "interactiveSetup" plugin is holding setup: Validating Elasticsearch connection configuration…
Jan 26 08:52:14 elastic-security kibana[14282]: [2023-01-26T08:52:14.679+00:00][INFO ][root] Holding setup until preboot stage is completed.
Jan 26 08:52:14 elastic-security kibana[14282]: i Kibana has not been configured.
Jan 26 08:52:14 elastic-security kibana[14282]: Go to https://0.0.0.0:5601/?code=106654 to get started.
Jan 26 08:54:21 elastic-security kibana[14282]: [2023-01-26T08:54:21.661+00:00][ERROR][plugins.interactiveSetup.elasticsearch] Failed to authenticate with host "https://www.secure-unified.tk:9200": unable to verify the first certificate
Jan 26 08:54:42 elastic-security kibana[14282]: [2023-01-26T08:54:42.113+00:00][ERROR][plugins.interactiveSetup.elasticsearch] Failed to authenticate with host "https://www.secure-unified.tk:9200": unable to verify the first certificate
Can you please guide what I am doing wrong or if i am missing any step? Any help would be appreciated. Thanks
