I managed to make localhost Kibana to be functioned in https environment.(The warning stated that it is not trusted).
However my localhost elasticsearch node is still in http environment. The elasticsearch console generate following error, when https localhost Kibana tried to SSO with the external Identity Provider.
Please bear with my skills, my first concern is that if localhost self-signed certificate(CN=localhost) even possible to build up trust connection from Kibana and Elasticsearch side?
Please don't post images of text as they are hard to read, may not display correctly for everyone, and are not searchable.
Instead, paste the text and format it with </> icon or pairs of triple backticks (```), and check the preview window to make sure it's properly formatted before posting it. Also please share the entire configuration, you are asking about your openid connect integration but you dont share its configuration.
The more data you share the easier it makes it for folks that want to help you out. This also makes it more likely that your question will receive a useful answer.
It would be great if you could update your post to solve this.
In 7.6(Elasticsearch and Kibana) version
When I put verficationMode to certificate in xpack.security.authc.realms.oidc.kibana-gidp: (elasticsearch.yml) , it produces the similar error that contains "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target."
When I put verificationMode to none in xpack.security.authc.realms.oidc.kibana-gidp: (elasticsearch.yml) , it doesn't show any error in elasticsearch-console, but Kibana showed "Elastic Kibana did not load properly. Check the server output for more information" However in 7.6, I still can access to Kibana, if I refreshed page to another page few times.
In 7.7 Kibana, it just showed the same error "Elastic Kibana did not load properly. Check the server output for more information". Any refresh to another won't help this time.
With my lastest development, I would like to know how to fix this, so it will works with the configuration setting verificationMode to "none" and verficationMode to "certificate" in 7.7 locahost environment, thanks.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.