First, the error:
[2016-09-07 13:38:32,362][WARN ][shield.authc.activedirectory] [node_test01] authentication failed for user [KibanaTest]: failed to connect to any active directory servers
cause: com.unboundid.ldap.sdk.LDAPException: An error occurred while attempting to connect to server mydomain.com:389: java.io.IOException: Unable to verify an attempt to to establish a secure connection to 'mydomain.com:389' because an unexpected error was encountered during validation processing: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
This is what the config looks like in elasticsearch.yml:
Set the keystore path:
It's running on a Windows Server 2012 R2 machine. In order to create the keystore, I exported the Root CA from the cert manager on the server and copied it into a .pem file to import. I did not include anything else because the Intermediate CA cert was identical. Our infrastructure admins confirmed that the URL and port are correct, and the Kibana credentials I entered in its config file are also correct. What else could I check? Did I miss something?
Thanks in advance for any advice.