Update - Attempted it again by using the following settings in my elasticsearch.yml:
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/elastic-certificates.p12
xpack.security.authc.token.enabled: true
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: /etc/elasticsearch/elastic-certificates.p12
xpack.security.http.ssl.truststore.path: /etc/elasticsearch/elastic-certificates.p12
#
xpack.security.authc.realms.samll:
  type: saml
  order: 1
  idp.metadata.path: "https://login.microsoftonline.com/DirectoryID/federationmetadata/2007-06/federationmetadata.xml?appid=AppID"
  idp.entity_id: "https://sts.windows.net/DirectoryID/"
  sp.entity_id: "https://investc-policydashboard.drlteam.net/"
  sp.acs: "https://investc-policydashboard.drlteam.net:443/api/security/v1/saml"
  sp.logout: "https://login.microsoftonline.com/common/wsfederation?wa=wsignout1.0"
  attributes.principal: "nameid:persistent"
And in my kibana.yml:
xpack.security.authProviders: [saml, basic]
server.xsrf.whitelist: [/api/security/v1/saml]
#Xpack Settings for Application Gateway
xpack.security.public:
  protocol: https
  hostname: investc-policydashboard.drlteam.net
  port: 443
Not much is different except for the :443 added in the sp.acs. After adding these settings I still received a 502 error. What's worse, when I tried to revert my changes the 502 error remained, and Kibana now has these logs when checking its status:
Mar 19 18:28:38 drl-kibana kibana[4072]: {"type":"log","@timestamp":"2019-03-19T18:28:38Z","tags":["warning","elasticsearch","admin"],"pid":4072,"message":"Unable to revive connection: http://10.20.1.4:9200/"}
Mar 19 18:28:38 drl-kibana kibana[4072]: {"type":"log","@timestamp":"2019-03-19T18:28:38Z","tags":["warning","elasticsearch","admin"],"pid":4072,"message":"No living connections"}
Mar 19 18:28:39 drl-kibana kibana[4072]: {"type":"log","@timestamp":"2019-03-19T18:28:39Z","tags":["warning","elasticsearch","admin"],"pid":4072,"message":"Unable to revive connection: http://10.20.1.4:9200/"}
Mar 19 18:28:39 drl-kibana kibana[4072]: {"type":"log","@timestamp":"2019-03-19T18:28:39Z","tags":["warning","elasticsearch","admin"],"pid":4072,"message":"No living connections"}
Mar 19 18:28:39 drl-kibana kibana[4072]: {"type":"log","@timestamp":"2019-03-19T18:28:39Z","tags":["warning","elasticsearch","admin"],"pid":4072,"message":"Unable to revive connection: http://10.20.1.4:9200/"}
Mar 19 18:28:39 drl-kibana kibana[4072]: {"type":"log","@timestamp":"2019-03-19T18:28:39Z","tags":["warning","elasticsearch","admin"],"pid":4072,"message":"No living connections"}
Mar 19 18:28:41 drl-kibana kibana[4072]: {"type":"log","@timestamp":"2019-03-19T18:28:41Z","tags":["warning","elasticsearch","admin"],"pid":4072,"message":"Unable to revive connection: http://10.20.1.4:9200/"}
Mar 19 18:28:41 drl-kibana kibana[4072]: {"type":"log","@timestamp":"2019-03-19T18:28:41Z","tags":["warning","elasticsearch","admin"],"pid":4072,"message":"No living connections"}
Mar 19 18:28:43 drl-kibana kibana[4072]: {"type":"log","@timestamp":"2019-03-19T18:28:43Z","tags":["warning","elasticsearch","admin"],"pid":4072,"message":"Unable to revive connection: http://10.20.1.4:9200/"}
Mar 19 18:28:43 drl-kibana kibana[4072]: {"type":"log","@timestamp":"2019-03-19T18:28:43Z","tags":["warning","elasticsearch","admin"],"pid":4072,"message":"No living connections"}
This was not the case before I applied the changes, so I know it isn't some other configuration that I'm missing.
Any help would be appreciated. Thanks
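One thing worth checking with these symptoms, as an added example that is not part of the original post: with `xpack.security.http.ssl.enabled: true`, Elasticsearch answers only HTTPS on its HTTP port, so the sketch below compares that setting with the URL scheme in Kibana's "Unable to revive connection" warnings. The function names are hypothetical, and the sample inputs are copied from the settings and log lines in the post.

```python
import json
from urllib.parse import urlparse

# Sample inputs copied from the settings and journal lines in the post above.
ES_YML = """\
xpack.security.enabled: true
xpack.security.http.ssl.enabled: true
"""
KIBANA_LOG = """\
Mar 19 18:28:38 drl-kibana kibana[4072]: {"type":"log","@timestamp":"2019-03-19T18:28:38Z","tags":["warning","elasticsearch","admin"],"pid":4072,"message":"Unable to revive connection: http://10.20.1.4:9200/"}
Mar 19 18:28:38 drl-kibana kibana[4072]: {"type":"log","@timestamp":"2019-03-19T18:28:38Z","tags":["warning","elasticsearch","admin"],"pid":4072,"message":"No living connections"}
"""
PREFIX = "Unable to revive connection: "


def flat_settings(yml_text):
    """Read top-level 'dotted.key: value' lines; comments and nested keys are skipped."""
    settings = {}
    for line in yml_text.splitlines():
        if not line.strip() or line.lstrip().startswith("#") or line[0].isspace():
            continue
        key, _, value = line.partition(":")
        settings[key.strip()] = value.strip().strip('"')
    return settings


def failed_targets(log_text):
    """Return the Elasticsearch URLs Kibana reported it could not reconnect to."""
    urls = set()
    for line in log_text.splitlines():
        start = line.find("{")
        if start == -1:
            continue
        try:
            message = json.loads(line[start:]).get("message", "")
        except json.JSONDecodeError:
            continue  # not a JSON log record
        if message.startswith(PREFIX):
            urls.add(message[len(PREFIX):])
    return urls


def scheme_mismatches(yml_text, log_text):
    """List failed URLs whose scheme does not match the HTTP-layer TLS setting."""
    tls = flat_settings(yml_text).get("xpack.security.http.ssl.enabled", "false").lower() == "true"
    expected = "https" if tls else "http"
    return sorted(u for u in failed_targets(log_text) if urlparse(u).scheme != expected)


if __name__ == "__main__":
    print(scheme_mismatches(ES_YML, KIBANA_LOG))
```

A non-empty result means Kibana is still dialing plain HTTP while the node expects TLS; an empty result points the investigation elsewhere, such as the node not running at all.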