How to enable HTTPS for kibana?

I am trying to develop a new kibana plugin to protect kibana. The logic is simple, if the user has already authenticated, then the user can see the kibana home page, otherwise, the page will be redirected to my login page. Basically it's working well so far.

Currently I access the kibana using URL "http://IP_ADDRESS:5601", but I'd like to enable HTTPS, so that the URL should be "https://IP_ADDRESS:5601". How can I configure the self-signed certificate/key/CA to kibana to enable the HTTPS?

Note that the elasticsearch cluster will not be visible/accessible from internet, and only the kibana server can be accessed from internet, so I only need to protect the kibana server. Of course, there are a couple of candidate solutions. For example, I can start a nginx server, and configure the self-signed certs/key/CA to the nginx, and then make the nginx to redirect requests to the backend kibana. But I am still curious how to enable HTTPS on kibana directly.

Please kindly let me know if I miss anything.


Configuring Security in Kibana

Check out that doc, but skip over all the parts that have to do with security on Elasticsearch. So, from a quick glance, you'll care about steps 6 and 8. Basically, there are separate settings you'll need in kibana.yml to enable SSL between the browser and Kibana server.

@a5a, thanks for the response.

Note that I do not use X-Pack, and it's exactly the reason why I implement a kibana plugin to protect kibana. So does it work without using X-Pack?

server.ssl.key: /path/to/your/server.key
server.ssl.certificate: /path/to/your/server.crt

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.