Are you connecting to Elasticsearch over https? If so, you need to make sure that certificate is trusted by Kibana. If a custom CA was used for that certificate, then you'll need to set elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ] as well.
If not, then I have a few more questions:
When is this error appearing in the logs? Are there any other errors?
Does Kibana function despite these errors, either partially or fully?
Is Elasticsearch configured to require a client certificate?
Thanks for posting. Nothing else seems out of the ordinary to me here.
Is your client (browser) also configured to send a client certificate? We've seen similar errors in the past when the browser tries to send a client certificate, but Kibana isn't expecting one. Which browser are you using to connect to Kibana?
@Yungyoung_Ok you can definitely use the certificates created by elasticsearch-certutil in Kibana. In my testing, I'm seeing this error logged when connecting using a certificate that the browser doesn't trust, and you proceed anyway with the warnings. In this situation, that log message can be ignored, I've created https://github.com/elastic/kibana/issues/35004 to improve the logging experience in these situations.
If you use the elasticseach-certutil certificate in kibana 6.7, do I have to leave a error message? Can I make it invisible?
In addition, the https.ssl setting does not login to additional users, except for users reserved by kibana (ex elastic, kibana).
No special logs are left, only called invalid username or password in Kibana.
However, the user name and password are clearly correct. Is there any other permission or authentication required for the user to login?