This Elastic installation has strict security requirements enabled that your current browser does not meet

Hi All

I am not able to access the Kibana UI.

I am using Google Chrome (ver 87). The error I am getting is

"This Elastic installation has strict security requirements enabled that your current browser does not meet."
I have tried other browsers (Edge, Firefox etc.) without any success.

This is a new installation of version 7.10

# rpm -qa|grep -i -E "elastic|kibana|logstash|fileb"
elasticsearch-7.10.0-1.x86_64
kibana-7.10.0-1.x86_64
filebeat-7.10.0-1.x86_64
logstash-7.10.0-1.x86_64

I have confirmed Elasticsearch is running

# netstat -tulpn|grep -e java -e node
tcp        0      0 127.0.0.1:9600          0.0.0.0:*               LISTEN      1327/java
tcp        0      0 111.111.111.111:5601        0.0.0.0:*               LISTEN      5866/node
tcp        0      0  111.111.111.111:9200        0.0.0.0:*               LISTEN      1696/java
tcp        0      0 0.0.0.0:5044            0.0.0.0:*               LISTEN      1327/java
tcp        0      0  111.111.111.111:9300        0.0.0.0:*               LISTEN      1696/java

# curl -k  -XGET https://FQDN:9200/_cluster/health?pretty -u elastic:password
{
  "cluster_name" : "cluster",
  "status" : "yellow",
  "timed_out" : false,
  "number_of_nodes" : 1,
  "number_of_data_nodes" : 1,
  "active_primary_shards" : 14,
  "active_shards" : 14,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 2,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 87.5
}

kibana.yml looks like the following

# grep -v -e ^$ -e ^# kibana.yml
logging.dest: /var/log/kibana/kibana.log
logging.silent: false
logging.quiet: false
logging.verbose: false
telemetry.optIn: false
telemetry.enabled: false
xpack.reporting.capture.browser.chromium.disableSandbox: false
xpack.security.enabled: true
server.name: kibana
server.host: MYSERVER.example.com
server.ssl.enabled: true
server.ssl.certificate: /etc/kibana/config/certs/MYSERVER.crt
server.ssl.key: /etc/kibana/config/certs/MYSERVER.key
server.ssl.certificateAuthorities: [ "/etc/kibana/config/certs/ca.pem" ]
elasticsearch.hosts: ["https://MYSERVER.example.com:9200"]
elasticsearch.username: kibana_system
elasticsearch.password: password
elasticsearch.ssl.certificateAuthorities: [ "/etc/kibana/config/certs/ca.pem" ]
elasticsearch.ssl.verificationMode: none
csp.strict: true
csp.rules:
 - "script-src https://MYSERVER.example.com 'self' 'unsafe-inline' 'unsafe-eval' https://*"
 - "child-src 'MYSERVER'"

Can anyone help?

Kibana shows this message when a browser doesn't satisfy the CSP requirements (namely, it doesn't specify unsafe-inline) in strict mode (csp.strict: true). There seems to be a problem with configured csp.rules.
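
The `csp.rules` entries posted in this thread can be checked mechanically against CSP source-expression syntax. The following is an added example, not part of the original thread and not Elastic's code; `lint_rule` and `lint_rules` are hypothetical helper names, and the checks cover CSP syntax only, not Kibana's own strict-mode logic.

```python
import re

# csp.rules exactly as posted in the kibana.yml in this thread.
POSTED_RULES = [
    "script-src https://MYSERVER.example.com 'self' 'unsafe-inline' 'unsafe-eval' https://*",
    "child-src 'MYSERVER'",
]

# Single-quoted source expressions defined by CSP: keywords, nonces and hashes.
KEYWORDS = {"'self'", "'none'", "'unsafe-inline'", "'unsafe-eval'",
            "'strict-dynamic'", "'unsafe-hashes'", "'report-sample'",
            "'wasm-unsafe-eval'"}
NONCE_OR_HASH = re.compile(r"^'(nonce-|sha(256|384|512)-)[A-Za-z0-9+/_=-]+'$")
# A host-source whose host part is a bare "*", with or without a scheme.
WILDCARD_HOST = re.compile(r"^([a-z][a-z0-9+.-]*://)?\*(:\d+|:\*)?$", re.I)


def lint_rule(rule):
    """Return a list of (code, message) findings for one csp.rules entry."""
    parts = rule.split()
    if not parts:
        return [("empty", "rule has no directive")]
    directive, sources = parts[0].lower(), parts[1:]
    findings = []
    for src in sources:
        if src.startswith("'") or src.endswith("'"):
            # Quoted tokens must be keywords, nonces or hashes; browsers ignore others.
            if src.lower() not in KEYWORDS and not NONCE_OR_HASH.match(src):
                findings.append(("bad-keyword", f"{directive}: {src} is not a CSP "
                                 "keyword; host names are written unquoted"))
        elif WILDCARD_HOST.match(src):
            findings.append(("wildcard", f"{directive}: {src} matches every host"))
    if directive == "script-src" and "'unsafe-inline'" in (s.lower() for s in sources):
        findings.append(("unsafe-inline", "script-src allows inline scripts"))
    return findings


def lint_rules(rules):
    """Lint every rule; return {rule: findings} for the rules that have findings."""
    return {r: f for r in rules if (f := lint_rule(r))}


if __name__ == "__main__":
    for rule, findings in lint_rules(POSTED_RULES).items():
        print(rule)
        for code, msg in findings:
            print(f"  [{code}] {msg}")
```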

Can you suggest what the rules should be, please?

This is what I have now

csp.rules:
 - "script-src https://MYSERVER.example.com 'self' 'unsafe-inline' 'unsafe-eval' https://*"
 - "child-src 'MYSERVER'"
