Local Setup Elasticsearch 7.2 and Kibana with Security

Elastic Stack Elasticsearch
1

I installed few days back Elastic & Kibana version 7.2 on my local laptop virtual machine( vmware with Centos 7.6).
I want to enable the security for elastic & kibana but unable to do.

In Elasticsearch '/etc/elasticsearch/elasticsearch.yml' have below config

discovery.type: single-node
xpack.security.enabled: true
#xpack.security.transport.ssl.enabled: false
#xpack.security.transport.ssl.verification_mode: certificate
#xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
#xpack.security.transport.ssl.truststore.path: elastic-certificates.p12

I commented few last lines because I don't have SSL or cert.

Also I configured the user name & password for all(Elastic, Kibana, logsatch etc)
(Run below command)

/usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive
and choose same password for all
Password is 'elastic'

In Kabana '/etc/kibana/kibana.yml'

elasticsearch.username: "kibana"
elasticsearch.password: "elastic"

When I run elastic curl got below error

curl -u elastic 'http://localhost:9200/_xpack/security/_authenticate?pretty'
{
"error" : {
"root_cause" : [
{
"type" : "security_exception",
"reason" : "failed to authenticate user [elastic]",
"header" : {
"WWW-Authenticate" : "Basic realm="security" charset="UTF-8""
}
}
],
"type" : "security_exception",
"reason" : "failed to authenticate user [elastic]",
"header" : {
"WWW-Authenticate" : "Basic realm="security" charset="UTF-8""
}
},
"status" : 401
}

and Kibana error log show as:

Please check the Kibana Reporting settings. [security_exception] failed to authenticate user [kibana], with { header={ WWW-Authenticate="Basic realm=\"security\" charset=\"UTF-8\"" } } :: {"path":"/_cluster/settings","query":{"include_defaults":true},"statusCode":401,"response":"{\"error\":{\"root_cause\":[{\"type\":\"security_exception\",\"reason\":\"failed to authenticate user [kibana]\",\"header\":{\"WWW-Authenticate\":\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\"}}],\"type\":\"security_exception\",\"reason\":\"failed to authenticate user [kibana]\",\"header\":{\"WWW-Authenticate\":\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\"}},\"status\":401}","wwwAuthenticateDirective":"Basic realm=\"security\" charset=\"UTF-8\""}"}
{"type":"log","@timestamp":"2019-09-15T09:05:21Z","tags":["warning","task_manager"],"pid":15330,"message":"PollError [security_exception] failed to authenticate user [kibana], with { header={ WWW-Authenticate="Basic realm=\"security\" charset=\"UTF-8\"" } }"}
{"type":"log","@timestamp":"2019-09-15T09:05:21Z","tags":["warning","maps"],"pid":15330,"message":"Error scheduling telemetry task, received NotInitialized: Tasks cannot be scheduled until after task manager is initialized!"}
{"type":"log","@timestamp":"2019-09-15T09:05:21Z","tags":["warning","telemetry"],"pid":15330,"message":"Error scheduling task, received NotInitialized: Tasks cannot be scheduled until after task manager is initialized!"}

Please help me.

Thanks,
Dinesh

2

Welcome to Elastic forums!

Did you follow this blog post?

We recommend enabling TLS for node to node encryption and for all communications btw Kibana and ES. It is clearly given step by step in the above blog post.

3

What does the elasticsearch log say?
It is very hard to debug an authentication problem from outside the ES node - you need to read the logs.

4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.