Filebeat certificate issue while setting up Kibana dashboard

Hi there :slight_smile:

I'm trying to setup Filebeat default dashboards in Kibana, within my ELK lab.
The whole stack is version 7.4.2.
I have configured security in Elasticsearch and Kibana, using the elasticsearch-certutil utility to create the CA and related Self Signed certificates.
Kibana and Elasticsearch are exposing their APIs through HTTPS.

The point is that filebeat is not able to create visualizations and dashboard through Kibana APIs as it returns an x509 unknown authority when filebeat tries to connct to it causing filebeat service to fail.
I've added ssl.verification_mode: none in the setup portion of Kibana as per documentation but it still throws the same error:

# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API.
# This requires a Kibana endpoint configuration.
setup.kibana:

  # Kibana Host
  # Scheme and port can be left out and will be set to the default (http and 5601)
  # In case you specify and additional path, the scheme is required: http://localhost:5601/path
  # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601
  host: "https://kibana:5601"
  ssl.verification_mode: none

  # Kibana Space ID
  # ID of the Kibana Space into which the dashboards should be loaded. By default,
  # the Default Space will be used.
  #space.id:

I thought that this would have been enough, to ignore cert validity.
But it doesn't seem so.
What am i doing wrong?
I also tried to specifiy path to the CA: ssl.certificate_authorities: ["/path/to/cert/cert.p12"]
But as my CA is a PKCS#12 keystore filebeat fails to validate it as it's a binary file.
I don't want to regenerate the CA and the certificates, if possibile.
Do you have any suggestion?

Many thanks in advance!
Alessandro

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.