Kibana not connected to epr.elastic.co Package Registry

shuuny-matrix · July 19, 2022, 1:17pm

I have installed Elasticsearch and Kibana in my Ubuntu System in a corporate environment behind firewall and proxies. We have two crt files to use internet in browser. My elasticsearch is running fine. But when I run Kibana from /bin/kibaba --allow root, Kibana runs in base mode but it throws the errot like this-

[2022-07-19T16:02:40.701+03:00][ERROR][plugins.fleet] Failed to fetch latest version of endpoint from registry: Error connecting to package registry: request to https://epr.elastic.co/search?package=endpoint&experimental=true&kibana.version=8.3.2 failed, reason: unable to get local issuer certificate

Most likely, Kibana is not connected to the internet connection. But when I run curl using command

curl -vvI https://epr.elastic.co/search?package=endpoint&experimental=true&kibana.version=8.3.2
I think I get the connection, I found some issues similar to this using
NODE_EXTRA_CERTS= /etc/kibana/root_ca_chain.pem
but I am confused what does this file mean? I supplied my organisations "xxx.crt" file but it doesn't seem to work. Can someone help me on this?

Marius_Dragomir · July 23, 2022, 5:23pm

You need to change the certificates in the kibana.yml file, not by using NODE_EXTRA_CERTS.

shuuny-matrix · July 25, 2022, 7:58pm

I think I have added pretty much all certicificates in kibana.yml file. What should be added to kibana.yml file?

The issue is similar to this one:
https://discuss.elastic.co/t/fleet-initialization-behind-a-corporate-proxy-fails-with-unable-to-get-local-issuer-certificate-ignoring-proxy-settings/291647

shuuny-matrix · July 26, 2022, 3:19pm

UDATE: I tried using air grapped environement using this link:
https://www.elastic.co/guide/en/fleet/current/air-gapped.html

However, still I cant get access to Elastic Package Registry and shows the following error:

[2022-07-26T18:00:21.794+03:00][INFO ][plugins.ml] Task ML:saved-objects-sync-task: scheduled with interval 1h
[2022-07-26T18:00:22.242+03:00][ERROR][plugins.fleet] Failed to fetch latest version of endpoint from registry: Error connecting to package registry: request to http://package-registry.corp.net:8080/search?package=endpoint&experimental=true&kibana.version=8.3.2 failed, reason: getaddrinfo ENOTFOUND package-registry.corp.net
[2022-07-26T18:00:22.282+03:00][INFO ][plugins.fleet] Fleet setup completed
[2022-07-26T18:00:22.288+03:00][INFO ][plugins.securitySolution] Dependent plugin setup complete - Starting ManifestTask
[2022-07-26T18:00:24.069+03:00][INFO ][status] Kibana is now available (was degraded)
[2022-07-26T18:00:24.108+03:00][INFO ][plugins.ml] Task ML:saved-objects-sync-task: No ML saved objects in need of synchronization
[2022-07-26T18:04:32.946+03:00][INFO ][plugins.security.routes] Logging in with provider "basic" (basic)
[2022-07-26T18:05:11.996+03:00][ERROR][plugins.fleet] Error connecting to package registry: request to http://package-registry.corp.net:8080/categories?experimental=true&include_policy_templates=true&kibana.version=8.3.2 failed, reason: getaddrinfo ENOTFOUND package-registry.corp.net
[2022-07-26T18:05:11.999+03:00][ERROR][plugins.fleet] Error connecting to package registry: request to http://package-registry.corp.net:8080/search?experimental=true&kibana.version=8.3.2 failed, reason: getaddrinfo ENOTFOUND package-registry.corp.net
[2022-07-26T18:12:38.648+03:00][INFO ][plugins.fleet] Beginning fleet setup
[2022-07-26T18:12:39.955+03:00][ERROR][plugins.fleet] Failed to fetch latest version of endpoint from registry: Error connecting to package registry: request to http://package-registry.corp.net:8080/search?package=endpoint&experimental=true&kibana.version=8.3.2 failed, reason: getaddrinfo ENOTFOUND package-registry.corp.net
[2022-07-26T18:12:40.004+03:00][INFO ][plugins.fleet] Fleet setup completed
[2022-07-26T18:14:53.881+03:00][INFO ][plugins.fleet] Beginning fleet setup
[2022-07-26T18:14:55.183+03:00][ERROR][plugins.fleet] Failed to fetch latest version of endpoint from registry: Error connecting to package registry: request to http://package-registry.corp.net:8080/search?package=endpoint&experimental=true&kibana.version=8.3.2 failed, reason: getaddrinfo ENOTFOUND package-registry.corp.net
[2022-07-26T18:14:55.229+03:00][INFO ][plugins.fleet] Fleet setup completed>

system · August 23, 2022, 3:20pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Error connecting to package registry Kibana	3	1053	January 11, 2024
Kibana fleet - Error connecting to package registry Kibana fleet	8	9962	January 6, 2021
Kibana 7.10 - Error connecting to package registry Kibana	3	2127	December 24, 2020
On-prem Kibana can't join elastic-package-registry (EPR) behind a proxy due to certificate issue - workaround tested Kibana	1	1053	March 1, 2023
Kibana Error connecting to package registry: request to https://xxx.xxx/xxx failed, reason: self signed certificate in certificate chain Kibana	2	901	September 25, 2021

Kibana not connected to epr.elastic.co Package Registry

Related topics