Kibana cannot connect to elastichsearch in https, xpack enabled

hello

i deploy elastci stack in kubernetes with helm chart
i got my elastcisearch runnning with xpack and running well

here uis the values

node.master: true
replicas: 1
minimumMasterNodes: 1
clusterHealthCheckParams: 'wait_for_status=yellow&timeout=1s'
readinessProbe:
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 3
timeoutSeconds: 5

protocol: https

esConfig:
Elasticsearch.yml: |
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/share/Elasticsearch/config/certs/elastic-stack-ca.p12
xpack.security.transport.ssl.truststore.path: /usr/share/Elasticsearch/config/certs/elastic-stack-ca.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.truststore.path: /usr/share/Elasticsearch/config/certs/elastic-stack-ca.p12
xpack.security.http.ssl.keystore.path: /usr/share/Elasticsearch/config/certs/elastic-stack-ca.p12
xpack.security.authc.realms.native.local.order: 0

extraEnvs:

  • name: ELASTIC_PASSWORD
    valueFrom:
    secretKeyRef:
    name: elastic-credentials
    key: password
  • name: ELASTIC_USERNAME
    valueFrom:
    secretKeyRef:
    name: elastic-credentials
    key: username

secretMounts:

  • name: elastic-certificates
    secretName: elastic-certificates
    path: /usr/share/Elasticsearch/config/certs

then i try to connect kibana

values :

secretMounts:

  • name: elastic-certificate-pem
    secretName: elastic-certificate-pem
    path: /usr/share/kibana/config/certs
    kibanaConfig:
    kibana.yml: |
    Elasticsearch.hosts: [ "https://elastic.cyberpeaceinstitute.network:9200/" ]

    xpack.security.enabled: true
    xpack.security.audit.enabled: true
    Elasticsearch.ssl.certificateAuthorities: /usr/share/kibana/config/certs/elastic-certificate.pem
    Elasticsearch.ssl.verificationMode: certificate
    Elasticsearch.username: "xxxxx"
    Elasticsearch.password: "xxxx"

i got this error on kibana :

"message":"Unable to retrieve version information from Elasticsearch nodes. socket hang up"}

and in Elasticsearch :

{"type": "server", "timestamp": "2021-10-14T08:18:16,407Z", "level": "WARN", "component": "o.e.x.s.t.n.SecurityNetty4HttpServerTransport", "cluster.name": "Elasticsearch", "node.name": "Elasticsearch-master-0", "message": "received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/10.25.3.245:9200, remoteAddress=/10.25.3.39:41280}", "cluster.uuid": "d8t801T_RjKy0j11ErmA3A", "node.id": "fsj52VA8TCGvRml5N_ckGA" }

it looks like the connection is in clear , but in my kibana conf it is in https

when i do a curl in the kibana pod to get the elesticsearhc i gor no error !!!!

thanks for your help

I'm surprised that Kibana even starts - yaml is case sensitive, and you should have elasticsearch.* settings in lowercase as all other settings (not sure if it's somehow normalized in k8s setup though).

Can you try to use lowercase everywhere?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.