Error shows "Kibana server is not ready yet" after TLS configuration

I did not facing any issue when configured below code:

xpack.license.self_generated.type: basic
xpack.monitoring.collection.enabled: true true true
xpack.monitoring.elasticsearch.collection.enabled: true certificate required elastic-certificates.p12 elastic-certificates.p12

But when i enable below code in Elasticsearch then shows in the browser "Kibana server is not ready yet" when I hit URL( true http.p12

Also share kibana server logs:

{"type":"log","@timestamp":"2021-10-23T12:08:09+06:00","tags":["warning","plugins","security","config"],"pid":72174,"message":"Session cookies will be transmitted over insecure connections. This is not recommended."}
{"type":"log","@timestamp":"2021-10-23T12:08:09+06:00","tags":["warning","plugins","reporting","config"],"pid":72174,"message":"Chromium sandbox provides an additional layer of protection, but is not supported for Linux Red Hat Linux 7.9 OS. Automatically setting 'xpack.reporting.capture.browser.chromium.disableSandbox: true'."}
{"type":"log","@timestamp":"2021-10-23T12:08:09+06:00","tags":["info","plugins","monitoring","monitoring"],"pid":72174,"message":"config sourced from: production cluster"}
{"type":"log","@timestamp":"2021-10-23T12:08:10+06:00","tags":["info","savedobjects-service"],"pid":72174,"message":"Waiting until all Elasticsearch nodes are compatible with Kibana before starting saved objects migrations..."}
{"type":"log","@timestamp":"2021-10-23T12:08:10+06:00","tags":["error","savedobjects-service"],"pid":72174,"message":"Unable to retrieve version information from Elasticsearch nodes."}

Kibana server not started properly. How could I solve this problem.
Have any idea please help me.

Hi @Shoaib_Hasan Welcome to the community. You're almost there...

Did you copy over the Elasticsearch CA and set it in the kibana.yml? Otherwise the http.p12 cert you setup in Elasticsearch.yml will not be recognized / validated by Kibana

In the kibana.yml

# Optional setting that enables you to specify a path to the PEM file for the certificate
# authority for your Elasticsearch instance.
elasticsearch.ssl.certificateAuthorities: /etc/kibana/elasticsearch-ca.pem

I have a complete walkthrough how to set up all this here

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.