Reporting encryptionKey vs multiple instances

Trying to get reporting working here.

Currently got multiple kibana instances using the same .kibana and .reporting index in the same elastic cluster, initially they used a random generated encryptionKey but now I've configured it like this:

xpack.reporting.encryptionKey: kibana-reports

But still seeing this on launch of kibana:

{"type":"log","@timestamp":"2019-11-21T09:17:38Z","tags":["warning","plugins","security","config"],"pid":2022,"message":"Generating a random key for xpack.security.encryptionKey. To prevent sessions from being invalidated on restart, please set xpack.security.encryptionKey in kibana.yml"}

Appreciate any hints on how to fix this, TIA!

Hey @stefws,

Kibana is actually complaining about a different setting here:
xpack.security.encryptionKey
vs
xpack.reporting.encryptionKey

There are a couple of different encryption keys that Kibana asks you to set. The security encryption key is used to encrypt the session cookies when users login to Kibana. You will want to set this to the same value on each Kibana instance, so that all instances know how to decrypt the session cookie, regardless of which instance initially created it.

The reporting encryption key is used to encrypt sensitive data in the .reporting index, and should likewise be the same across all of your Kibana instances that share the same .reporting index.

It's not necessary to set xpack.reporting.encryptionKey and xpack.security.encryptionKey to the same value though -- you can (and should) use distinct encryption keys for each of these settings, but they should be consistent across all of your instances.

:wink: thanks for pointing out the obviously hard to see

1 Like