Kibana not connected to epr.elastic.co Package Registry

shuuny-matrix · July 19, 2022, 1:17pm

I have installed Elasticsearch and Kibana in my Ubuntu System in a corporate environment behind firewall and proxies. We have two crt files to use internet in browser. My elasticsearch is running fine. But when I run Kibana from /bin/kibaba --allow root, Kibana runs in base mode but it throws the errot like this-

[2022-07-19T16:02:40.701+03:00][ERROR][plugins.fleet] Failed to fetch latest version of endpoint from registry: Error connecting to package registry: request to https://epr.elastic.co/search?package=endpoint&experimental=true&kibana.version=8.3.2 failed, reason: unable to get local issuer certificate

Most likely, Kibana is not connected to the internet connection. But when I run curl using command

curl -vvI https://epr.elastic.co/search?package=endpoint&experimental=true&kibana.version=8.3.2
I think I get the connection, I found some issues similar to this using
NODE_EXTRA_CERTS= /etc/kibana/root_ca_chain.pem
but I am confused what does this file mean? I supplied my organisations "xxx.crt" file but it doesn't seem to work. Can someone help me on this?

Marius_Dragomir · July 23, 2022, 5:23pm

You need to change the certificates in the kibana.yml file, not by using NODE_EXTRA_CERTS.

shuuny-matrix · July 25, 2022, 7:58pm

I think I have added pretty much all certicificates in kibana.yml file. What should be added to kibana.yml file?

The issue is similar to this one:
https://discuss.elastic.co/t/fleet-initialization-behind-a-corporate-proxy-fails-with-unable-to-get-local-issuer-certificate-ignoring-proxy-settings/291647

shuuny-matrix · July 26, 2022, 3:19pm

UDATE: I tried using air grapped environement using this link:
https://www.elastic.co/guide/en/fleet/current/air-gapped.html

However, still I cant get access to Elastic Package Registry and shows the following error:

[2022-07-26T18:00:21.794+03:00][INFO ][plugins.ml] Task ML:saved-objects-sync-task: scheduled with interval 1h
[2022-07-26T18:00:22.242+03:00][ERROR][plugins.fleet] Failed to fetch latest version of endpoint from registry: Error connecting to package registry: request to http://package-registry.corp.net:8080/search?package=endpoint&experimental=true&kibana.version=8.3.2 failed, reason: getaddrinfo ENOTFOUND package-registry.corp.net
[2022-07-26T18:00:22.282+03:00][INFO ][plugins.fleet] Fleet setup completed
[2022-07-26T18:00:22.288+03:00][INFO ][plugins.securitySolution] Dependent plugin setup complete - Starting ManifestTask
[2022-07-26T18:00:24.069+03:00][INFO ][status] Kibana is now available (was degraded)
[2022-07-26T18:00:24.108+03:00][INFO ][plugins.ml] Task ML:saved-objects-sync-task: No ML saved objects in need of synchronization
[2022-07-26T18:04:32.946+03:00][INFO ][plugins.security.routes] Logging in with provider "basic" (basic)
[2022-07-26T18:05:11.996+03:00][ERROR][plugins.fleet] Error connecting to package registry: request to http://package-registry.corp.net:8080/categories?experimental=true&include_policy_templates=true&kibana.version=8.3.2 failed, reason: getaddrinfo ENOTFOUND package-registry.corp.net
[2022-07-26T18:05:11.999+03:00][ERROR][plugins.fleet] Error connecting to package registry: request to http://package-registry.corp.net:8080/search?experimental=true&kibana.version=8.3.2 failed, reason: getaddrinfo ENOTFOUND package-registry.corp.net
[2022-07-26T18:12:38.648+03:00][INFO ][plugins.fleet] Beginning fleet setup
[2022-07-26T18:12:39.955+03:00][ERROR][plugins.fleet] Failed to fetch latest version of endpoint from registry: Error connecting to package registry: request to http://package-registry.corp.net:8080/search?package=endpoint&experimental=true&kibana.version=8.3.2 failed, reason: getaddrinfo ENOTFOUND package-registry.corp.net
[2022-07-26T18:12:40.004+03:00][INFO ][plugins.fleet] Fleet setup completed
[2022-07-26T18:14:53.881+03:00][INFO ][plugins.fleet] Beginning fleet setup
[2022-07-26T18:14:55.183+03:00][ERROR][plugins.fleet] Failed to fetch latest version of endpoint from registry: Error connecting to package registry: request to http://package-registry.corp.net:8080/search?package=endpoint&experimental=true&kibana.version=8.3.2 failed, reason: getaddrinfo ENOTFOUND package-registry.corp.net
[2022-07-26T18:14:55.229+03:00][INFO ][plugins.fleet] Fleet setup completed>

system · August 23, 2022, 3:20pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
ELK installation on-premises Kibana	2	103	July 9, 2024
Kibana unable to connect to package registry after upgrade to 8.8.1 Kibana fleet	17	2967	July 24, 2023
Kibana cannot connect to the Elastic Package Registry, which provides Elastic Agent integrations Kibana	1	362	May 20, 2024
Kibana not connecting after https setup Kibana	7	2426	June 4, 2021
Applying SSL to Elasticsearch and Kibana: Connection refused on Kibana Elasticsearch	55	1441	May 16, 2024

Kibana not connected to epr.elastic.co Package Registry

Related Topics