My company has issued an ssl certificate in 3 formats xxxxBase64.cer, xxxxDERCert.cer and xxxx.p7b
Kibana-4.3.0 on linux machine
I want to have ssl configuration for kibana when opened in browser, not for requests between elasticsearch and kibana.
My elasticsearch still runs on http:// and not https://
I have not installed shield neither on elasticsearch nor kibana. I think that ssl configuration on kibana is independent of shield, correct me if I am wrong.
I found two options in kibana
ssl.server.cert
ssl.server.key
Guide me if only these two configuration is sufficient.
My question is the key asked here is private or public key.
If it is private key, then I have read on the net that .p7b files does not contain private key.
I am not able to find solutions to generate .cert and .key from certificates issued to me.
@aviral_srivastava you'll want to convert the certificates into PEM format. You're on the right track for which kibana settings to use, server.ssl.cert and server.ssl.key should be a path to the PEM encoded format of the certificate and key.
The following is an example of converting the xxxxDERCert.cer: openssl x509 -inform der -in xxxxDERCert.cer -out certificate.pem
and you can do a similar thing for the xxxx.p7b with: openssl pkcs7 -print_certs -in xxxx.p7b -out certificate.pem
In first command , certificate.pem file is not created and there are also no warnings.
In second command for.p7b file I am getting
unable to load PKCS7 object
12576:error:0906D06C:PEM routines:PEM_read_bio:no start line:./crypto/pem/pem_lib.c:647:Expecting: PKCS7
error in pkcs7
And about the private key, how can I check for private key ? or what is telling there is no private key ?
I have generated the ssl certificate and key on linux machine.
When I am starting kibana.
In the log it says:-
log [17:49:38.853] [info][status][plugin:kibana] Status changed from uninitialized to green - Ready
log [17:49:38.925] [info][status][plugin:elasticsearch] Status changed from uninitialized to yellow - Waiting for Elasticsearch
log [17:49:38.965] [info][status][plugin:kbn_vislib_vis_types] Status changed from uninitialized to green - Ready
log [17:49:38.977] [info][status][plugin:markdown_vis] Status changed from uninitialized to green - Ready
log [17:49:38.994] [info][status][plugin:metric_vis] Status changed from uninitialized to green - Ready
log [17:49:39.002] [info][status][plugin:spyModes] Status changed from uninitialized to green - Ready
log [17:49:39.009] [info][status][plugin:elasticsearch] Status changed from yellow to green - Kibana index ready
log [17:49:39.013] [info][status][plugin:statusPage] Status changed from uninitialized to green - Ready
log [17:49:39.021] [info][status][plugin:table_vis] Status changed from uninitialized to green - Ready
log [17:49:39.046] [info][listening] Server running at https://xx.xx.xx.xxx:8601
But on browser, it shows Not secure( in red colour ), although kibana running. Do I need to install the ssl certificate on linux machine too.
Can you guide me with the installation.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.