Kibana http requests instead of https? i.e. without encryption


(JasonA) #1

I'm running kibana 4.6.1 behind nginx configured as a reverse proxy to terminate TLS connections.

I'd like the nginx -> kibana connections to happen over http rather that https so that my logging can be effective, and I save on cpu.

config/kibana.yml seems to assume SSL/TLS, and I can't seem to find an option to tell kibana to speak http instead of https.

How can I configure kibana to speak http without encyrption?


(CJ Cenizal) #2

Hey there,

Are you using the Shield X-Plugin? This will require SSL in Kibana 4.x. By default, Kibana should not use SSL. If you're not using Shield, then I think the only other explanation is that in your config/kibana/yml, you have server.ssl.cert and server.ssl.key defined. Can you take a look there and make sure they're either not defined or commented out?

Thanks,
CJ


(JasonA) #3

oh interesting. I didn't realize that the default was no https. I'll try commenting out the server.ssl.cert and server.ssl.key and see what happens; they are definitely defined now from a leftover previous configuration.

Also, I have Shield installed, but not using Sheild X-Plugin, if that is different.


(Lee Drengenberg) #4

On Kibana 4.6.1 with Shield, it does require SSL (https). I'm trying to find if there's some parameters you could use to turn that off.

But on Kibana 5.0 that was just released, the default with X-Pack Security (the new name for the Shield plugin) the default is no SSL (http). So if you can upgrade to 5.0 with X-Pack (it's quite awesome) then you won't need to use https.

Regards,
Lee


(JasonA) #5

Good to know. I'll check out 5.0. Thanks Lee.


(system) #6