Kibana not starting up after enabling https (Single node) , seems to be missing credentials?

Shreesh_Narayanan · August 6, 2021, 3:07pm

Hello,

I'm using Kibana 7.14 and had enabled https recently . All the services logstash and elasticsearch start up successfully while kibana fails . I had been looking at the kibana logs and they show this

{"type":"log","@timestamp":"2021-08-06T13:48:17+00:00","tags":["info","savedobjects-service"],"pid":13086,"message":"Waiting until all Elasticsearch nodes are compatible with Kibana before starting saved objects migrations..."}
{"type":"log","@timestamp":"2021-08-06T13:48:17+00:00","tags":["error","savedobjects-service"],"pid":13086,"message":"Unable to retrieve version information from Elasticsearch nodes. Hostname/IP does not match certificate's altnames: IP: 172.26.207.165 is not in the cert's list: "}
{"type":"log","@timestamp":"2021-08-06T14:03:50+00:00","tags":["info","plugins-system"],"pid":13086,"message":"Stopping all plugins."}
{"type":"log","@timestamp":"2021-08-06T14:03:50+00:00","tags":["info","plugins","monitoring","monitoring","kibana-monitoring"],"pid":13086,"message":"Monitoring stats collection is stopped"}
{"type":"log","@timestamp":"2021-08-06T14:04:20+00:00","tags":["warning","plugins-system"],"pid":13086,"message":"\"eventLog\" plugin didn't stop in 30sec., move on to the next."}

here's my kibana config :

server.port: 5601
server.host: "172.26.207.165"
server.publicBaseUrl: "https://kibana.dev.com:5601"


server.name: "kibana-dev01"

elasticsearch.hosts: ["https://172.26.207.165:9200"]

server.ssl.enabled: true
server.ssl.certificate: /etc/kibana/certs/nexus-dev01.crt
server.ssl.key: /etc/kibana/certs/nexus-dev01.key


elasticsearch.ssl.certificateAuthorities: [ "/etc/kibana/certs/elasticsearch-ca.pem"]
elasticsearch.ssl.verificationMode: certificate
logging.dest: /app/ELK-Logs/kibana/
logging.verbose: true
path.data: /app/kibana_data

I tried restarting the service now after increasing the verbosity in kibana.yml

{"type":"log","@timestamp":"2021-08-06T15:03:59+00:00","tags":["debug","elasticsearch","query","data"],"pid":4832,"message":"401\nGET /_nodes?filter_path=nodes.*.version%2Cnodes.*.http.publish_address%2Cnodes.*.ip [security_exception]: missing authentication credentials for REST request [/_nodes?filter_path=nodes.*.version%2Cnodes.*.http.publish_address%2Cnodes.*.ip]"}
{

Where should i mention these credentials in elasticsearch.yml or kibana.yml ? hopefully not in plain text?

stephenb · August 6, 2021, 3:18pm

You will use these settings

elasticsearch.username:
elasticsearch.password:

And secure them using the Keystore

They will be picked up automatically from the keystore on startup.

Shreesh_Narayanan · August 6, 2021, 3:24pm

awesome it worked.

One more question, can we still use the port 5601 after enabling https?

stephenb · August 6, 2021, 3:34pm

Yup! You can change the port if you like but no need to.

Shreesh_Narayanan · August 6, 2021, 3:48pm

Thanks a lot . it works splendidly

system · September 3, 2021, 3:48pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.