Kibana + Shield + NGinx - Thrown back to the login screen


(‫Oren Shani) #1

Hi All,

This is my first ELK installation ( just to be noted ).

I installed ELK with Kibana 4.4 and the access to Kibana routed trough Nginx. I just followed the instructions in the docs and all was good. But then I added Shield, and what happens now is this: I get the Kibana login screen and my credentials are accepted, but then I get the Kibana page only for a few seconds and I am thrown back to the login screen.

I don't see any error messages in the logs of Kibana, Elasticsearch or Nginx.

My /etc/nginx/sites-available/default looks like this:

server {
    listen 80;

    server_name elk2.iucc.ac.il;

    auth_basic "Restricted Access";
    auth_basic_user_file /etc/nginx/htpasswd.users;

    location / {
        proxy_pass https://localhost:5601;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

And my kibana.yml just have the normal stuff at the end:

elasticsearch.username: kibana4-server
elasticsearch.password: k1b@1ucc
server.ssl.key: /etc/pki/tls/private/logstash-forwarder.key
server.ssl.cert: /etc/pki/tls/certs/logstash-forwarder.crt
shield.encryptionKey: "thisisnotmrealsecret"

The only thing I can think of is that I am using the wrong ssl keys, but then I wouldn't see the screen at all, right?

Please help...

Thanks,

Oren


(Mark Walkom) #2

Does it work without nginx?


(‫Oren Shani) #3

Mark,

Without nginx ( that is directly from a browser on another PC in the same subnet ), I cannot connect at all. I get a page load failure and there are no related messages in the kibana logs ( this occurs both when nginx is running and when not )

Oren


(Spencer Alger) #4

I suspect that the issue is that you are not proxying the Cookie headers


(‫Oren Shani) #5

Hi all,

Problem fixed. It was caused by the fact that I connected into nginx via http and tried to continue via https.

I changed nginx to listen to https and now I get to the kibana screen.

Thanks, anyway...

Oren


(system) #6