Hi All,
This is my first ELK installation ( just to be noted ).
I installed ELK with Kibana 4.4 and the access to Kibana routed trough Nginx. I just followed the instructions in the docs and all was good. But then I added Shield, and what happens now is this: I get the Kibana login screen and my credentials are accepted, but then I get the Kibana page only for a few seconds and I am thrown back to the login screen.
I don't see any error messages in the logs of Kibana, Elasticsearch or Nginx.
My /etc/nginx/sites-available/default looks like this:
server {
listen 80;
server_name elk2.iucc.ac.il;
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/htpasswd.users;
location / {
proxy_pass https://localhost:5601;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
And my kibana.yml just have the normal stuff at the end:
elasticsearch.username: kibana4-server
elasticsearch.password: k1b@1ucc
server.ssl.key: /etc/pki/tls/private/logstash-forwarder.key
server.ssl.cert: /etc/pki/tls/certs/logstash-forwarder.crt
shield.encryptionKey: "thisisnotmrealsecret"
The only thing I can think of is that I am using the wrong ssl keys, but then I wouldn't see the screen at all, right?
Please help...
Thanks,
Oren