Hello,
I am trying to configure my elastic fleet such that elastic agents connect to a logstash instance, secured with SSL. I set up the SSL for logstash, and was now trying to configure the agents. To make sure that the configuration remains stable, I tried to set this up in the kibana configuration as follows:
xpack.fleet.outputs:
- id: logstash
name: logstash
type: logstash
hosts: ["${var.logstash_subdomain}.mydomain.com:5044"]
is_default: true
ssl:
certificate: |-
${var.tls_cert_logstash.clientcrt}
certificate_authorities:
- |-
${var.tls_cert_logstash.cacrt}
key: |-
${var.tls_cert_logstash.clientkey}
Unfortunately, it seems that it is not possible to use this configuration here. As such I removed the ssl part. However, now my kibana instance seems to be broken as it keeps giving the same error. The container logs show the following:
[2023-02-07T09:46:38.587+00:00][INFO ][plugins.fleet] Beginning fleet setup
[2023-02-07T09:46:38.738+00:00][ERROR][plugins.encryptedSavedObjects] Failed to decrypt "ssl" attribute: Unsupported state or unable to authenticate data
[2023-02-07T09:46:38.739+00:00][WARN ][plugins.fleet] Fleet setup failed
[2023-02-07T09:46:38.739+00:00][WARN ][plugins.fleet] Error: Unable to decrypt attribute "ssl"
at EncryptedSavedObjectsService.attributesToDecryptIterator (/usr/share/kibana/x-pack/plugins/encrypted_saved_objects/server/crypto/encrypted_saved_objects_service.js:389:15)
at attributesToDecryptIterator.throw (<anonymous>)
at EncryptedSavedObjectsService.decryptAttributes (/usr/share/kibana/x-pack/plugins/encrypted_saved_objects/server/crypto/encrypted_saved_objects_service.js:302:23)
at EncryptedSavedObjectsService.stripOrDecryptAttributes (/usr/share/kibana/x-pack/plugins/encrypted_saved_objects/server/crypto/encrypted_saved_objects_service.js:90:57)
at EncryptedSavedObjectsClientWrapper.handleEncryptedAttributesInResponse (/usr/share/kibana/x-pack/plugins/encrypted_saved_objects/server/saved_objects/encrypted_saved_objects_client_wrapper.js:175:11)
at EncryptedSavedObjectsClientWrapper.handleEncryptedAttributesInBulkResponse (/usr/share/kibana/x-pack/plugins/encrypted_saved_objects/server/saved_objects/encrypted_saved_objects_client_wrapper.js:199:7)
at EncryptedSavedObjectsClientWrapper.bulkGet (/usr/share/kibana/x-pack/plugins/encrypted_saved_objects/server/saved_objects/encrypted_saved_objects_client_wrapper.js:103:12)
at SpacesSavedObjectsClient.bulkGet (/usr/share/kibana/x-pack/plugins/spaces/server/saved_objects/spaces_saved_objects_client.js:154:31)
at OutputService.bulkGet (/usr/share/kibana/x-pack/plugins/fleet/server/services/output.js:210:17)
at createOrUpdatePreconfiguredOutputs (/usr/share/kibana/x-pack/plugins/fleet/server/services/preconfiguration/outputs.js:46:27)
at ensurePreconfiguredOutputs (/usr/share/kibana/x-pack/plugins/fleet/server/services/preconfiguration/outputs.js:38:3)
at async Promise.all (index 0)
at createSetupSideEffects (/usr/share/kibana/x-pack/plugins/fleet/server/services/setup.js:65:3)
at awaitIfPending (/usr/share/kibana/x-pack/plugins/fleet/server/services/setup_utils.js:35:20)
at /usr/share/kibana/x-pack/plugins/fleet/server/plugin.js:290:9
I am now unable to do any fleet configuration as the plugin is completely broken and unusable.
Any fix/help would be very welcome!