Kibana can't reach Elasticsearch cluster with security enabled


Since I reverted from my trial license to a basic one, Kibana can't reach my Elasticsearch cluster as long as " true". From what I understood, I must configure "at least" TLS between my nodes and I followed the instructions here : Encrypting communications in Elasticsearch but I still have the same error.
I'm probably missing something simple but I can't find it.

kibana.log :

{"type":"log","@timestamp":"2019-09-10T07:46:43Z","tags":["warning","elasticsearch","admin"],"pid":1275,"message":"No living connections"}
{"type":"log","@timestamp":"2019-09-10T07:46:43Z","tags":["warning","elasticsearch","admin"],"pid":1275,"message":"Unable to revive connection:"}

kibana.yml :

elasticsearch.hosts: ""
logging.dest: /var/log/kibana.log
logging.quiet: false
elasticsearch.username: "kibana"
elasticsearch.password: "mypassword" "longkey"
xpack.reporting.encryptionKey: "longkey"

elasticsearch.hosts point to my internal load balancer.
Do I have to use TLS between Kibana and my nodes too ?

elasticsearch.yml : "elastic-dev" "devdata-0"
path.logs: /var/log/elasticsearch /datadisks/disk1/elasticsearch/data ["devdata-0:9300","devdata-1:9300","devdata-2:9300"]
node.master: true true
discovery.zen.minimum_master_nodes: 2 [site, local]
node.max_local_storage_nodes: 1
node.attr.fault_domain: 0
node.attr.update_domain: 0
cluster.routing.allocation.awareness.attributes: fault_domain,update_domain
xpack.license.self_generated.type: basic true true full {}.p12 {}.p12
bootstrap.memory_lock: true

Everything is hosted on Azure and have been deployed thanks to the deployment template on Azure Marketplace.

Thanks in advance.

Is Elasticsearch running at all ? If it is please check the logs, I would assume you will find a few errors in there that would point you to the actual issue at hand.

Look like you were right, I had a permission issue on my .p12 files preventing Elasticsearch to start.

I resolved it and now I it looks like I have messed up the password I entered when I ran :
bin/elasticsearch-keystore add

Since I'm getting in elasticsearch logs : keystore password was incorrect

I solved my certificate problem but now Kibana is throwing an error when I'm logging in with the kibana user :

The kibana user permissions haven't changed so I don't get why it would throw a "Forbidden".

EDIT: I just tried to login with the elastic user and it works.

Just so that this is clear for others reading the forums, you are not supposed to log in with the kibana user. This is the internal user that Kibana server uses to communicate with Elasticsearch.

One should log in with the elastic user first and then create all the necessary users they would need to operate/administer/use the cluster and log in with those from then on.

Well, thanks a lot for your time, my problem is solved.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.