Kibana not connected to epr.elastic.co Package Registry

Elastic Stack Kibana
1

I have installed Elasticsearch and Kibana in my Ubuntu System in a corporate environment behind firewall and proxies. We have two crt files to use internet in browser. My elasticsearch is running fine. But when I run Kibana from /bin/kibaba --allow root, Kibana runs in base mode but it throws the errot like this-

[2022-07-19T16:02:40.701+03:00][ERROR][plugins.fleet] Failed to fetch latest version of endpoint from registry: Error connecting to package registry: request to https://epr.elastic.co/search?package=endpoint&experimental=true&kibana.version=8.3.2 failed, reason: unable to get local issuer certificate

Most likely, Kibana is not connected to the internet connection. But when I run curl using command

curl -vvI https://epr.elastic.co/search?package=endpoint&experimental=true&kibana.version=8.3.2
I think I get the connection, I found some issues similar to this using
NODE_EXTRA_CERTS= /etc/kibana/root_ca_chain.pem
but I am confused what does this file mean? I supplied my organisations "xxx.crt" file but it doesn't seem to work. Can someone help me on this?

2

You need to change the certificates in the kibana.yml file, not by using NODE_EXTRA_CERTS.

3

I think I have added pretty much all certicificates in kibana.yml file. What should be added to kibana.yml file?

The issue is similar to this one:
https://discuss.elastic.co/t/fleet-initialization-behind-a-corporate-proxy-fails-with-unable-to-get-local-issuer-certificate-ignoring-proxy-settings/291647

4

UDATE: I tried using air grapped environement using this link:
https://www.elastic.co/guide/en/fleet/current/air-gapped.html

However, still I cant get access to Elastic Package Registry and shows the following error:

[2022-07-26T18:00:21.794+03:00][INFO ][plugins.ml] Task ML:saved-objects-sync-task: scheduled with interval 1h
[2022-07-26T18:00:22.242+03:00][ERROR][plugins.fleet] Failed to fetch latest version of endpoint from registry: Error connecting to package registry: request to http://package-registry.corp.net:8080/search?package=endpoint&experimental=true&kibana.version=8.3.2 failed, reason: getaddrinfo ENOTFOUND package-registry.corp.net
[2022-07-26T18:00:22.282+03:00][INFO ][plugins.fleet] Fleet setup completed
[2022-07-26T18:00:22.288+03:00][INFO ][plugins.securitySolution] Dependent plugin setup complete - Starting ManifestTask
[2022-07-26T18:00:24.069+03:00][INFO ][status] Kibana is now available (was degraded)
[2022-07-26T18:00:24.108+03:00][INFO ][plugins.ml] Task ML:saved-objects-sync-task: No ML saved objects in need of synchronization
[2022-07-26T18:04:32.946+03:00][INFO ][plugins.security.routes] Logging in with provider "basic" (basic)
[2022-07-26T18:05:11.996+03:00][ERROR][plugins.fleet] Error connecting to package registry: request to http://package-registry.corp.net:8080/categories?experimental=true&include_policy_templates=true&kibana.version=8.3.2 failed, reason: getaddrinfo ENOTFOUND package-registry.corp.net
[2022-07-26T18:05:11.999+03:00][ERROR][plugins.fleet] Error connecting to package registry: request to http://package-registry.corp.net:8080/search?experimental=true&kibana.version=8.3.2 failed, reason: getaddrinfo ENOTFOUND package-registry.corp.net
[2022-07-26T18:12:38.648+03:00][INFO ][plugins.fleet] Beginning fleet setup
[2022-07-26T18:12:39.955+03:00][ERROR][plugins.fleet] Failed to fetch latest version of endpoint from registry: Error connecting to package registry: request to http://package-registry.corp.net:8080/search?package=endpoint&experimental=true&kibana.version=8.3.2 failed, reason: getaddrinfo ENOTFOUND package-registry.corp.net
[2022-07-26T18:12:40.004+03:00][INFO ][plugins.fleet] Fleet setup completed
[2022-07-26T18:14:53.881+03:00][INFO ][plugins.fleet] Beginning fleet setup
[2022-07-26T18:14:55.183+03:00][ERROR][plugins.fleet] Failed to fetch latest version of endpoint from registry: Error connecting to package registry: request to http://package-registry.corp.net:8080/search?package=endpoint&experimental=true&kibana.version=8.3.2 failed, reason: getaddrinfo ENOTFOUND package-registry.corp.net
[2022-07-26T18:14:55.229+03:00][INFO ][plugins.fleet] Fleet setup completed>
5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.