Kibana with HTTPS

Amandine · March 13, 2018, 2:12pm

Hello, I wish that Kibana is accessible in HTTPS. I created a Let's encrypt certificate. I modified the server certificate part and the certification authority part in kibana.yml. I also put https://example.com on the proxy_pass of my nginx default. However, Chrome tells me that my site is inaccessible. I do not know if I put the right files in the configuration.

tatdat · March 13, 2018, 2:48pm

Another way, u can try config ssl in kibana config file : /etc/kibana/kibana.yml

github.com

elastic/kibana/blob/master/config/kibana.yml#L51




# If your Elasticsearch is protected with basic authentication, these settings provide
# the username and password that the Kibana server uses to perform maintenance on the Kibana
# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
# is proxied through the Kibana server.
#elasticsearch.username: "user"
#elasticsearch.password: "pass"


# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
# These settings enable SSL for outgoing requests from the Kibana server to the browser.
#server.ssl.enabled: false
#server.ssl.certificate: /path/to/your/server.crt
#server.ssl.key: /path/to/your/server.key


# Optional settings that provide the paths to the PEM-format SSL certificate and key files.
# These files validate that your Elasticsearch backend uses the same key files.
#elasticsearch.ssl.certificate: /path/to/your/client.crt
#elasticsearch.ssl.key: /path/to/your/client.key


# Optional setting that enables you to specify a path to the PEM file for the certificate
# authority for your Elasticsearch instance.

Line 51: set ssl enable TRUE
Line 52: path/to/your/cert
Line53: path/to/your/key

Good luck!

Amandine · March 13, 2018, 3:16pm

I tried to modify this part of kibana.yml but it does not work. Chrome tells me that the site is inaccessible. Maybe I do not take the right files.
I don't found the crt file. I have a file.pem and file.key given by certbot. I have to try and no results.

Yo_Man · March 13, 2018, 3:52pm

you have to create it from your pem file.

https://www.sslshopper.com/article-most-common-openssl-commands.html

Amandine · March 13, 2018, 3:55pm

Thank you for the link. But I was asked to use Let's Encrypt.

tatdat · March 16, 2018, 5:03pm

Why u dont have crt file when i run cerbot ?

Amandine · March 19, 2018, 10:40am

I don't know !

system · April 16, 2018, 10:40am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.