Okta integration with Elasticsearch

Gauti · September 24, 2020, 4:18am

Hi All,

We are trying to do an integration of elasticsearch with Okta, we have succeded the integration for our development box, where we have not enabled any TLS/SSL.

But when do the integration for production setup, we are not able to succeed, have done all the configurations and while starting the service it fails, log says

[2020-09-22T06:38:17,612][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [1.3.5.2] http client did not trust this server's certificate, closing connection Netty4HttpChannel{localAddress=/1.3.5.2:9200, remoteAddress=/1.4.2.9:65391}

I see there is some error with certificate, but i dont have knowledge on certificate part, can someone tell me where the certificate error, should i need to provide the certificate generated in elasticsearch and ask them to add in Okta
or should i need to get okta certificate and add it in elasticsearch.

or is there any other configurations i need to do.

This is my Okta configuration in elasticsearch.yml

xpack.security.authc.realms.saml.prod-saml-prod:
   order: 2
   idp.metadata.path: "/etc/elasticsearch/certs/ELK_Prod.xml"
   idp.entity_id: "http://www.okta.com/kalxreufkjdfnsliaw8"
   sp.entity_id: "https://dashboard.prod.com:5601"
   sp.acs: "https://dashboard.prod.com:5601/api/security/v1/saml"
   sp.logout: "https://dashboard.prod.com:5601/logout"
   attributes.principal: "nameid"
   attributes.groups: "groups"

Any advice please.

Thanks
Gautham

Gauti · September 24, 2020, 5:18pm

Any advice please???

Thanks
Gautham

ikakavas · October 6, 2020, 1:49pm

The log you shared is from a client connection to elasticsearch, and the client does not trust the certificate that elasticsearch is presenting. This is unrelated to saml and okta.

If you still have this issue you should share your elasticsearch tls configuration and figure out what is running on 1.4.2.9 as this is what tries to connect and fails

Gauti · October 6, 2020, 6:03pm

@ikakavas Here is my TLS configuration,

#-------------------------------------TLS/SSL--------------------------------------
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/certs/elastic-certificates.p12
#
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.verification_mode: certificate
xpack.security.http.ssl.keystore.path: /etc/elasticsearch/certs/elastic-certificates.p12
xpack.security.http.ssl.truststore.path: /etc/elasticsearch/certs/elastic-certificates.p12
xpack.security.http.ssl.client_authentication: optional
#

Trying to figure out whats stopping me in 1.4.2.9 , will update soon.

Thanks
Gautham

Topic		Replies	Views
SAML Issue in ELK 7.6.4 Elasticsearch elastic-stack-security	6	1326	October 29, 2020
Okta Integration with elasticsearch Elasticsearch elastic-stack-security	5	1719	June 16, 2020
Failed to authenticate user with OpenID Connect in trial version of elasticsearch Elasticsearch elastic-stack-security	5	1467	May 8, 2020
Elastic Cloud Deployment on AWS & SAML Okta Elasticsearch elastic-stack-security	5	579	November 26, 2020
SAML OKTA on KIBANA not working Elasticsearch elastic-stack-security	5	1170	February 25, 2020

Okta integration with Elasticsearch

Related topics