Kibana SSL configuration for Windows Server Host

janis.cimins · December 12, 2022, 3:26pm

Hey!

I am trying to set up Elastic on my testlab Windows server 2019. All is good until I try to enable SSL.
I am using this guide :

But seem to get an error (possible syntax problem I suppose).

C:\kibana>.\bin\kibana.bat
[2022-12-12T17:20:56.982+02:00][INFO ][node] Kibana process configured with roles: [background_tasks, ui]
[2022-12-12T17:21:24.892+02:00][INFO ][plugins-service] Plugin "cloudExperiments" is disabled.
[2022-12-12T17:21:24.911+02:00][INFO ][plugins-service] Plugin "profiling" is disabled.
[2022-12-12T17:21:24.979+02:00][FATAL][root] Error: ENOENT: no such file or directory, open '‪‪C:\kibana\config\elk-siem.key'
at Object.openSync (node:fs:590:3)
at readFileSync (node:fs:458:35)
at readFile (C:\kibana\node_modules@kbn\server-http-tools\target_node\src\ssl\ssl_config.js:175:47)
at new SslConfig (C:\kibana\node_modules@kbn\server-http-tools\target_node\src\ssl\ssl_config.js:126:18)
at new HttpConfig (C:\kibana\node_modules@kbn\core-http-server-internal\target_node\src\http_config.js:252:16)
at C:\kibana\node_modules@kbn\core-http-server-internal\target_node\src\http_service.js:62:253
at C:\kibana\node_modules\rxjs\dist\cjs\internal\operators\map.js:10:37
at OperatorSubscriber._this._next (C:\kibana\node_modules\rxjs\dist\cjs\internal\operators\OperatorSubscriber.js:33:21)
at OperatorSubscriber.Subscriber.next (C:\kibana\node_modules\rxjs\dist\cjs\internal\Subscriber.js:51:18)
at C:\kibana\node_modules\rxjs\dist\cjs\internal\observable\combineLatest.js:51:40
at OperatorSubscriber._this._next (C:\kibana\node_modules\rxjs\dist\cjs\internal\operators\OperatorSubscriber.js:33:21)
at OperatorSubscriber.Subscriber.next (C:\kibana\node_modules\rxjs\dist\cjs\internal\Subscriber.js:51:18)
at C:\kibana\node_modules\rxjs\dist\cjs\internal\operators\map.js:10:24
at OperatorSubscriber._this._next (C:\kibana\node_modules\rxjs\dist\cjs\internal\operators\OperatorSubscriber.js:33:21)
at OperatorSubscriber.Subscriber.next (C:\kibana\node_modules\rxjs\dist\cjs\internal\Subscriber.js:51:18)
at C:\kibana\node_modules\rxjs\dist\cjs\internal\operators\distinctUntilChanged.js:18:28
at OperatorSubscriber._this._next (C:\kibana\node_modules\rxjs\dist\cjs\internal\operators\OperatorSubscriber.js:33:21)
at OperatorSubscriber.Subscriber.next (C:\kibana\node_modules\rxjs\dist\cjs\internal\Subscriber.js:51:18)
at C:\kibana\node_modules\rxjs\dist\cjs\internal\operators\map.js:10:24
at OperatorSubscriber._this._next (C:\kibana\node_modules\rxjs\dist\cjs\internal\operators\OperatorSubscriber.js:33:21)
at OperatorSubscriber.Subscriber.next (C:\kibana\node_modules\rxjs\dist\cjs\internal\Subscriber.js:51:18)
at ReplaySubject._subscribe (C:\kibana\node_modules\rxjs\dist\cjs\internal\ReplaySubject.js:54:24)
at ReplaySubject.Observable._trySubscribe (C:\kibana\node_modules\rxjs\dist\cjs\internal\Observable.js:41:25)
at ReplaySubject.Subject._trySubscribe (C:\kibana\node_modules\rxjs\dist\cjs\internal\Subject.js:123:47)
at C:\kibana\node_modules\rxjs\dist\cjs\internal\Observable.js:35:31
at Object.errorContext (C:\kibana\node_modules\rxjs\dist\cjs\internal\util\errorContext.js:22:9)
at ReplaySubject.Observable.subscribe (C:\kibana\node_modules\rxjs\dist\cjs\internal\Observable.js:26:24)
at C:\kibana\node_modules\rxjs\dist\cjs\internal\operators\share.js:66:18
at OperatorSubscriber. (C:\kibana\node_modules\rxjs\dist\cjs\internal\util\lift.js:14:28)
at C:\kibana\node_modules\rxjs\dist\cjs\internal\Observable.js:30:30
at Object.errorContext (C:\kibana\node_modules\rxjs\dist\cjs\internal\util\errorContext.js:22:9)
at Observable.subscribe (C:\kibana\node_modules\rxjs\dist\cjs\internal\Observable.js:26:24)
at C:\kibana\node_modules\rxjs\dist\cjs\internal\operators\map.js:9:16
at OperatorSubscriber. (C:\kibana\node_modules\rxjs\dist\cjs\internal\util\lift.js:14:28)
at C:\kibana\node_modules\rxjs\dist\cjs\internal\Observable.js:30:30
at Object.errorContext (C:\kibana\node_modules\rxjs\dist\cjs\internal\util\errorContext.js:22:9)
at Observable.subscribe (C:\kibana\node_modules\rxjs\dist\cjs\internal\Observable.js:26:24)
at C:\kibana\node_modules\rxjs\dist\cjs\internal\operators\distinctUntilChanged.js:13:16
at OperatorSubscriber. (C:\kibana\node_modules\rxjs\dist\cjs\internal\util\lift.js:14:28)
at C:\kibana\node_modules\rxjs\dist\cjs\internal\Observable.js:30:30
at Object.errorContext (C:\kibana\node_modules\rxjs\dist\cjs\internal\util\errorContext.js:22:9)
at Observable.subscribe (C:\kibana\node_modules\rxjs\dist\cjs\internal\Observable.js:26:24)
at C:\kibana\node_modules\rxjs\dist\cjs\internal\operators\map.js:9:16
at OperatorSubscriber. (C:\kibana\node_modules\rxjs\dist\cjs\internal\util\lift.js:14:28)
at C:\kibana\node_modules\rxjs\dist\cjs\internal\Observable.js:30:30
at Object.errorContext (C:\kibana\node_modules\rxjs\dist\cjs\internal\util\errorContext.js:22:9)
at Observable.subscribe (C:\kibana\node_modules\rxjs\dist\cjs\internal\Observable.js:26:24)
at C:\kibana\node_modules\rxjs\dist\cjs\internal\observable\combineLatest.js:44:28
at maybeSchedule (C:\kibana\node_modules\rxjs\dist\cjs\internal\observable\combineLatest.js:72:9)
at _loop_1 (C:\kibana\node_modules\rxjs\dist\cjs\internal\observable\combineLatest.js:41:17)

FATAL Error: ENOENT: no such file or directory, open '‪‪C:\kibana\config\elk-siem.key'

I have my kibana.yml configuration here:

server.ssl.enabled: true
server.ssl.certificate: C:\kibana\config\certnew.crt
server.ssl.key: ‪‪C:\kibana\config\elk-siem.key

The .crt file is read, but I can not read for some reason, .key file.

janis.cimins · December 27, 2022, 2:03pm

Do you have any ideas?

leandrojmp · December 27, 2022, 2:50pm

Those the files exists in this path? Try to put the path between double quotes.

server.ssl.certificate: "C:\kibana\config\certnew.crt"
server.ssl.key: "C:\kibana\config\elk-siem.key"

If it stills does not work, try to use forward slashes.

server.ssl.certificate: "C:/kibana/config/certnew.crt"
server.ssl.key: "C:/kibana/config/elk-siem.key"

leandrojmp · December 27, 2022, 2:53pm

This is also weird, while copying and pasting the settings, it adds extra unicode characters.

server.ssl.certificate: C:\kibana\config\certnew.crt
server.ssl.key: <U+202A><U+202A>C:\kibana\config\elk-siem.key

Not sure if this was generated by the forum or came from your configuration, since it adds extra unicode characters in the exact setting that is giving you issues, I would assume that it may come from your configuration.

Try to delete this setting line and retype it.

system · January 24, 2023, 2:54pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Kibana SSL configure in Windows Server Kibana	2	1363	February 20, 2020
Error: ENOENT: no such file or directory, open 'config/kibana-server.key' Kibana elastic-stack-security	6	6603	June 4, 2021
Cannot setup Kibana with SSL Kibana elastic-stack-security	2	209	July 12, 2023
Enabling SSL Security between Elasticsearch & Kibana when both are on the same server Elasticsearch elastic-stack-security	6	492	January 27, 2022
Configuring Elastic to use SSL on Windows Elasticsearch elastic-stack-security	1	340	August 8, 2020

Kibana SSL configuration for Windows Server Host

Related topics