I keep getting random SESSION_EXPIRED when after implementing PKI authentication. If I use username and password my session never expires. Sometime I am able to use PKI to log back in after the SESSION_EXPIRED, other times I have to close the browser or clear the cookies before I can log back in with PKI.

Elasticsearch 7.14
Kibana 7.14
Elasticsearch config
</>
xpack:
security:
authc:
token.enabled: true
realms:
pki:
pki1:
order: 1
delegation.enabled: true
truststore:
path: "my_truststore.p12"
</>
Kibana config
</>
server.ssl.clientAuthentication: optional
xpack.security.authc.providers:
pki.pki1:
order: 0
basic.basic1:
order: 1
xpack.security.session.idleTimeout: "5h"
xpack.security.session.lifespan: "24h"

I've also tried this below.

#xpack.security.authc.providers.pki.pki1.session.idleTimeout: "5h"
xpack.security.encryptionKey: "Something longer than 32 characters. I do have white spaces"
</>

I'm not completely sure, but the problem could be related to this issue: Handle access tokens that expire after authentication stage · Issue #104893 · elastic/kibana · GitHub

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.