Error Unable to retrieve version information from Elasticsearch nodes. unable to get issuer certificate

kray · January 4, 2024, 1:51pm

please help, when I open the wazuh web the following error

and I checked the kibana log, there is the following error
{"type":"log","@timestamp":"2024-01-04T20:11:27+07:00","tags":["error","elasticsearch-service"],"pid":124378,"message":"Unable to retrieve version information from Elasticsearch nodes. unable to get issuer certificate"}

stephenb · January 4, 2024, 3:27pm

Hi @kray Welcome to the community.

This is a common error when Kibana cannot connect to elasticsearch.

You need to tell us how you installed / What documentation you followed.

You will need to share both

kibana.yml and elasticsearch.yml

kray · January 5, 2024, 4:08am

Hi @stephenb
I initially installed Elasticsearch, wazuh-manager, Filebeat, and kibana. then I used my own cert. but the error as in my post.

here are my kibana.yml details

here are my elasticsearch.yml details

network.host: wazuh.xxxx.id
node.name: elasticsearch
cluster.initial_master_nodes: elasticsearch

# Transport layer
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.key: /etc/elasticsearch/certs/wildcard_xxx_id.key
xpack.security.transport.ssl.certificate: /etc/elasticsearch/certs/wildcard_xxx_id.crt
xpack.security.transport.ssl.certificate_authorities: /etc/elasticsearch/certs/ca/CACert.crt

# HTTP layer
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.verification_mode: certificate
xpack.security.http.ssl.key: /etc/elasticsearch/certs/wildcard_xxx_id.key
xpack.security.http.ssl.certificate: /etc/elasticsearch/certs/wildcard_xxx_id.crt
xpack.security.http.ssl.certificate_authorities: /etc/elasticsearch/certs/ca/CACert.crt

# Elasticsearch authentication
xpack.security.enabled: true

path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch

leandrojmp · January 5, 2024, 4:22am

Are Kibana and Elasticsearch on the same machine? If not, is this hostname accessible from the Kibana machine?

Did you confirm that your Elasticsearch is running and acessible from the Kibana machine using a curl request for example?

kray · January 5, 2024, 4:32am

Hi @leandrojmp,

kibana and elasticsearch are on the same machine
here is the result of the elasticsearch curl

system · February 2, 2024, 4:33am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.