Getting empty response from server

Elastic Stack Elasticsearch
1

Hi I've installed elk stack of version 8.5.1. All services are active. But when i try to access curl http://localhost:9200 or publicip:9200 getting empty response error


path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
http.port: 9200
xpack.security.enabled: true

xpack.security.enrollment.enabled: true

# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12

# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
cluster.initial_master_nodes: ["ip-10-0-9-223.ap-south-1.compute.internal"]

# Allow HTTP API connections from anywhere
# Connections are encrypted and require user authentication
http.host: 0.0.0.0
2

You have security enabled, so need to use https, e.g. https://localhost:9200, with authentication.

1 Like
3

even that's not working

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

If i xpack.security.http.ssl: false
curl http://localhost:9200 works. but kibana stops working. saying license not available

4

Run curl with the -k flag and see if that makes a difference.

5

should i set xpack.security.http.ssl: false or true?

6

Set it to true. You should IMHO never run Elasticsearch without ecurity enabled.

7

set it to true. able to curl with -k flag. when i try to access kibana http://ip:5601 getting kibana is not ready from a very long time. and in logs getting this error

image
image1673×717 109 KB

how can i use https without a certificate?

8

this is kibana.yml file

server.port: 5601

server.host: "0.0.0.0"

#elasticsearch.hosts: ["http://localhost:9200"]

# If your Elasticsearch is protected with basic authentication, these settings provide
# the username and password that the Kibana server uses to perform maintenance on the Kibana
# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
# is proxied through the Kibana server.
#elasticsearch.username: "elastic"
#elasticsearch.password: "minutus"


# =================== System: Elasticsearch (Optional) ===================
# These files are used to verify the identity of Kibana to Elasticsearch and are required when
# xpack.security.http.ssl.client_authentication in Elasticsearch is set to required.
#elasticsearch.ssl.certificate: /path/to/your/client.crt
#elasticsearch.ssl.key: /path/to/your/client.key

# Enables you to specify a path to the PEM file for the certificate
# authority for your Elasticsearch instance.
#elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ]

# To disregard the validity of SSL certificates, change this setting's value to 'none'.
#elasticsearch.ssl.verificationMode: full

# =================== System: Logging ===================
# Set the value of this setting to off to suppress all logging output, or to debug to log everything. Defaults to 'info'
#logging.root.level: debug

# Enables you to specify a file where Kibana stores log output.
logging:
  appenders:
    file:
      type: file
      fileName: /var/log/kibana/kibana.log
      layout:
        type: json
  root:
    appenders:
      - default
      - file
#  layout:
#    type: json

# Logs queries sent to Elasticsearch.
#logging.loggers:
#  - name: elasticsearch.query
#    level: debug

# Logs http responses.
#logging.loggers:
#  - name: http.server.response
#    level: debug

# Logs system usage information.
#logging.loggers:
#  - name: metrics.ops
#    level: debug

pid.file: /run/kibana/kibana.pid
`http.max_content_length`

# This section was automatically generated during setup.
elasticsearch.hosts: ['https://PRIVATE-IP:9200']
elasticsearch.serviceAccountToken: AAEAAW*
elasticsearch.ssl.certificateAuthorities: [/var/lib/kibana/ca_1*5.crt]
xpack.fleet.outputs: [{id: fleet-default-output, name: default, is_default: true, is_default
9

after i had installed all services. With these same settings i was able to access kibana. elasticsearch was not accessible. now i can access it using https and -k. but why is kibana giving error? also this is a single node setup

{"service":{"node":{"roles":["background_tasks","ui"]}},"ecs":{"version":"8.4.0"},"@timestamp":"2022-11-17T12:07:42.054+00:00","message":"Unable to retrieve version information from Elasticsearch nodes. getaddrinfo ENOTFOUND 10-0-9-223","log":{"level":"ERROR","logger":"elasticsearch-service"},"process":{"pid":11509},"trace":{"id":"e87ec35cb0890a742ae5eed2dce06019"},"transaction":{"id":"84ec558ca5b502c3"}}
10

Can u help me with the default config for elasticsearch and kibana? kibana is not able to access elasticsearch getting address not found. i dont have an ssl certificate for this ip. when i curl to elasticsearch ip with -k flag it works. when i access kibana it says server not ready and in logs getting error

"message":"Unable to retrieve version information from Elasticsearch nodes. getaddrinfo ENOTFOUND 10-0-9-223

the ip address that has come by default in kibana for elasticsearch hosts is private ip.
i want to access elasticsearch as well as kibana from ansible playbook

11

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.