Getting invalid protocol error on install kibana (8.5.1)

Creating a new Elasticsearch token for Kibana
Cleaning previous token
TypeError [ERR_INVALID_PROTOCOL]: Protocol "http:" not supported. Expected "https:"
at new NodeError (node:internal/errors:387:5)
at new ClientRequest (node:_http_client:186:11)
at Object.request (node:https:357:10)
at /usr/share/kibana/helm-scripts/..2024_06_12_11_35_09.910339330/manage-es-token.js:64:27
at new Promise ()
at requestPromise (/usr/share/kibana/helm-scripts/..2024_06_12_11_35_09.910339330/manage-es-token.js:63:10)
at createEsToken (/usr/share/kibana/helm-scripts/..2024_06_12_11_35_09.910339330/manage-es-token.js:100:10)
at Object. (/usr/share/kibana/helm-scripts/..2024_06_12_11_35_09.910339330/manage-es-token.js:144:5)
at Module._compile (node:internal/modules/cjs/loader:1155:14)
at Object.Module._extensions..js (node:internal/modules/cjs/loader:1209:10) {
code: 'ERR_INVALID_PROTOCOL'
}

Hi @Sunita_Rajput, Welcome to the Elastic community.

How you are trying to create this token ? By using elasticsearch-create-enrollment-token ?

Seems its trying to connect to elasticsearch but connecting over http rather https.

I am not trying to create token but install kibana with following command helm install kibana elastic/kibana --values values.yaml and then in pre-install pods getting this error , elasticsearch is accessible on http

Any doc you referring?

[Preformatted text](https://artifacthub.io/packages/helm/elastic/kibana)

values.yaml of kibana

elasticsearchHosts: "http//elasticsearch-master-headless:9200"
#elasticsearchCertificateSecret: elasticsearch-master-certs
#elasticsearchCertificateAuthoritiesFile: ca.crt
#elasticsearchCredentialSecret: elasticsearch-master-credentials

replicas: 1

# Extra environment variables to append to this nodeGroup
# This will be appended to the current 'env:' key. You can use any of the kubernetes env
# syntax here
extraEnvs:
  - name: "NODE_OPTIONS"
    value: "--max-old-space-size=1800"
#  - name: MY_ENVIRONMENT_VAR
#    value: the_value_goes_here

# Allows you to load environment variables from kubernetes secret or config map
envFrom: []
# - secretRef:
#     name: env-secret
# - configMapRef:
#     name: config-map

# A list of secrets and their paths to mount inside the pod
# This is useful for mounting certificates for security and for mounting
# the X-Pack license
secretMounts: []
#  - name: kibana-keystore
#    secretName: kibana-keystore
#    path: /usr/share/kibana/data/kibana.keystore
#    subPath: kibana.keystore # optional

hostAliases: []
#- ip: "127.0.0.1"
#  hostnames:
#  - "foo.local"
#  - "bar.local"

image: "docker.elastic.co/kibana/kibana"
imageTag: "8.5.1"
imagePullPolicy: "IfNotPresent"

# additionals labels
labels: {}

annotations: {}

podAnnotations: {}
# iam.amazonaws.com/role: es-cluster

resources:
  requests:
    cpu: "1000m"
    memory: "2Gi"
  limits:
    cpu: "1000m"
    memory: "2Gi"

protocol: http

serverHost: "0.0.0.0"
#server.ssl.enabled: false
healthCheckPath: "/app/kibana"

# Allows you to add any config files in /usr/share/kibana/config/
# such as kibana.yml
kibanaConfig: {}
#   kibana.yml: |
#     key:
#       nestedkey: value

# If Pod Security Policy in use it may be required to specify security context as well as service account

podSecurityContext:
  fsGroup: 1000

securityContext:
  capabilities:
    drop:
      - ALL
  # readOnlyRootFilesystem: true
  runAsNonRoot: true
  runAsUser: 1000

serviceAccount: ""

# Whether or not to automount the service account token in the pod. Normally, Kibana does not need this
automountToken: true

# This is the PriorityClass settings as defined in
# https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass
priorityClassName: ""

httpPort: 5601

extraVolumes:
  []
  # - name: extras
  #   emptyDir: {}

extraVolumeMounts:
  []
  # - name: extras
  #   mountPath: /usr/share/extras
  #   readOnly: true
  #

extraContainers: []
# - name: dummy-init
#   image: busybox
#   command: ['echo', 'hey']

extraInitContainers: []
# - name: dummy-init
#   image: busybox
#   command: ['echo', 'hey']

updateStrategy:
  type: "Recreate"

service:
  type: ClusterIP
  loadBalancerIP: ""
  port: 5601
  nodePort: ""
  labels: {}
  annotations: {}
  # cloud.google.com/load-balancer-type: "Internal"
  # service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0
  # service.beta.kubernetes.io/azure-load-balancer-internal: "true"
  # service.beta.kubernetes.io/openstack-internal-load-balancer: "true"
  # service.beta.kubernetes.io/cce-load-balancer-internal-vpc: "true"
  loadBalancerSourceRanges: []
  # 0.0.0.0/0
  httpPortName: http

ingress:
  enabled: false
  className: "nginx"
  pathtype: ImplementationSpecific
  annotations: {}
  # kubernetes.io/ingress.class: nginx
  # kubernetes.io/tls-acme: "true"
  hosts:
    - host: kibana-example.local
      paths:
        - path: /
  #tls: []
  #  - secretName: chart-example-tls
  #    hosts:
  #      - chart-example.local

readinessProbe:
  failureThreshold: 3
  initialDelaySeconds: 10
  periodSeconds: 10
  successThreshold: 3
  timeoutSeconds: 5

imagePullSecrets: []
nodeSelector: {}
tolerations: []
affinity: {}

nameOverride: ""
fullnameOverride: ""

lifecycle: {}
# preStop:
#   exec:
#     command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]
# postStart:
#   exec:
#     command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]

After adding following in values.yaml still getting sam error
kibanaConfig:
kibana.yml: |
server.ssl.enabled: false

I have the same issue, deploying the ELK stack via each helm chart.
We were getting 502 responses, as the ingress controller was sending http messages to http ports.
So I configured Elasticsearch to use http, to allow traffic via Ingress.

# Helm values
extraEnvs:
  - name: xpack.security.http.ssl.enabled
    value: "false"
protocol: http

During the Kibana deployment, using all default values elasticsearchHosts: "https://elasticsearch-master:9200" gives:

Creating a new Elasticsearch token for Kibana
Cleaning previous token
DELETE undefined failed:  write EPROTO 139882170656704:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:332:

Error: write EPROTO 139882170656704:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:332:

    at WriteWrap.onWriteComplete [as oncomplete] (node:internal/stream_base_commons:94:16) {
  errno: -71,
  code: 'EPROTO',
  syscall: 'write'
}

Setting
elasticsearchHosts: "http://elasticsearch-master:9200"
results in the same ERR_INVALID_PROTOCOL error.

These errors show up during the Helm pre-install-kibana job.

I was able to solve my issue by following these steps, allowing me to use the default https settings.
Still have this issue with https disabled on Elasticsearch.

Is there a solution to this problem, I am also experiencing the same problem. Does this version not support the HTTP protocol?