Received plaintext http traffic on an https channel

armughan · October 18, 2021, 11:53am

I'm configuring a single node Elasticsearch & Kibana (7.15.1) set up with FQDN behind Nginx Proxy on a single EC2 instance.
Everything is correctly set up when I tried to turn on Alerts in heartbeat (Observability) it said to set up SSL/TLS communication between Kibana & Elasticsearch. from the articles on Elastic.co I have added the below configuration but having log in Elasticsearch even after turning off kibana.

 received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/127.0.0.1:9200, remoteAddress=/127.0.0.1:60414}

These are the configuration added for TLS/SSL set u in Elasticsearch

xpack.security.enabled: true
xpack.security.http.ssl.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.authc.api_key.enabled: true
xpack.security.authc.api_key.hashing.algorithm: pbkdf2
xpack.security.http.ssl.key: /etc/elasticsearch/ssl/privkey.pem
xpack.security.http.ssl.certificate: /etc/elasticsearch/ssl/fullchain.pem
xpack.security.http.ssl.supported_protocols: [ "TLSv1.2", "TLSv1.1" ]

Please any one help me in this issue.

Roberto_Seldner · October 19, 2021, 1:51am

Welcome Armughan. What does your heartbeat output config look like? Is it still using http (default)?

zx8086 · October 19, 2021, 6:54pm

Hi @armughan,

Usually the beat agent or node sending the information via http is specified in the remote address. You can then check that this is sending information via http to the https endpoint.

system · November 16, 2021, 6:55pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.