Kibana startup stuck when elasticsearch use http

acerphoenix · September 29, 2022, 1:50am

Hello, I install es and kibana version 8.4.2, they enable https by default. but i prefer http in private network.
so i follow the official instruction, download es and start it, and get some security information indicate that it run successfully. Then i edit the config/elasticsearch.yml and only change xpack.securtiy.http.ssl.enabled value to false, and restart it.
With curl -u elastic:xxxxx http://localhost:9200 , I can get right response, notice that i use HTTP and the username and password must be right, it's all I want.
The problem is, when i start kibana, It stucks and the page show the server is not ready yet. i think the log is not helpful, i paste last two line:

[2022-09-29T09:46:04.090+08:00][ERROR][elasticsearch-service] Unable to retrieve version information from Elasticsearch nodes. security_exception: [security_exception] Reason: missing authentication credentials for REST request [/_nodes?filter_path=nodes.*.version%2Cnodes.*.http.publish_address%2Cnodes.*.ip]
[2022-09-29T09:46:04.820+08:00][INFO ][plugins.screenshotting.chromium] Browser executable: /home/yli/Program/dist/kibana-8.4.2/x-pack/plugins/screenshotting/chromium/headless_shell-linux_x64/headless_shell

even i set elasticsearch.serviceAccountToken the right value. But when i change es xpack.securtiy.http.ssl.enabled to true, kibana starts success.

acerphoenix · September 29, 2022, 2:22am

Finally I figure it out.
I think access token is only for https but no one tell me that. Maybe it's a bug? or just a feature?
I reset the pwd with elasticsearch-reset-password -u kibana, then config it to kibana.yml, and Bang! it works.

Yang_Wang · September 29, 2022, 3:11am

By access token, do you mean service account token? If so, it no longer requires HTTPS to work since version 7.16. If you are using a newer version. There should not be such constraint.

Please note that service account token generated using CLI is per node. So if you have multiple ES node and only generated the token for one node, it will not work if Kibana talks to a node that does not have the token. You need either (1) copy the service-tokens file to all nodes or (2) generate the token using API.

system · October 27, 2022, 3:11am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Kibana not starting up after enabling https (Single node) , seems to be missing credentials? Elasticsearch	5	2668	September 3, 2021
Unable to retrieve version information from Elasticsearch nodes. security_exception Kibana elastic-stack-security	5	20704	December 16, 2023
[ERROR][elasticsearch-service] Unable to retrieve version information from Elasticsearch nodes. connect ETIMEDOUT Kibana	13	1761	April 29, 2024
After SSL was enabled, Kibana is not working Kibana	11	6809	May 2, 2017
Kibana can't startup successfully after enable ssl and xpack in elasticsearch6.7.1 Kibana elastic-stack-security	6	1061	May 20, 2019

Kibana startup stuck when elasticsearch use http

Related topics