Hi. I have established TLS on our cluster (v7.11.1). Entire cluster seems to be working fine except Alerts and Report section.
The alerting section in kibana still says " You must enable Transport Layer Security Alerting relies on API keys, which require TLS between Elasticsearch and Kibana. Learn how to enable TLS ."
I believe I took all the relevant steps to secure the connection between Kibana and Elasticsearch. Here are the config parameters currently set in my yml files.
As far as I know these are complete, and if they aren't, we'll have to get someone in security involved, as I'm not sure exactly how all these work together. Most people hitting the TLS warning in Alerting, that are attempting to use TLS, usually end up having a TLS terminator in front of elasticsearch, which is not currently supported (there is an issue in elasticsearch to allow such configurations). That doesn't appear to be the case here, it looks like elasticsearch is being configured to run in TLS mode directly - but again, I'm not an expert here.
Some simple things to check:
have Kibana and elasticsearch been restarted?
anything security-related or alert-related in the elasticsearch or Kibana logs?
I have rechecked the Kibana Guide you mentioned, also folowed the link on how to enable TLS and I didn't find any mistakes in my configuration.
Kibana and Elasticsearch have been restarted numerous times.
Didn't find any alerts in logs besides deprecation.
Do the xpack.security.http.ssl settings have to be configured on all elasticsearch nodes?
I have 8 nodes in my cluster, but kibana is only connecting to two, which do have the configuration above.
Good question, I don't know for sure, but seems like it could be confusing for you in the future to have different settings for different nodes.
Did you include the https protocol in your kibana.yml setting for elasticsearch.hosts? I didn't see one in your config above; example from the doc I referenced:
There were some additional security related configs referenced in one of the docs I linked to before, that aren't listed in your config above - Configure security in Kibana | Kibana Guide [8.11] | Elastic - but I'm guessing you already had security configured, and are just looking at enabling TLS?
I have kibana installed on the same node where I have the elasticsearch installed with the configuration above. I have different configurations of elasticsearch depending on their roles.
3x master, 3x data and 2x coordinating nodes with kibana.
Yes, I have https in my configuration. It is pointing to itself.
As you have written I have security already configured and I only have problems with TLS section. From the manul page you mentioned I don't have xpack.security.session values set, but I'm guessing they are irrelevant to what I'm trying to achieve.
No, not yet. I'm stuck running in circles. Rechecking the configuration, going through the manual.
I even cleared everything starting from scratch. Same result.
Good afternoon. And can you send the settings of these 2 yml files (without keys, instead of keys put....)? how did you set up the certificates (I haven't been able to do it for 4 days) ? sergmartynenko1986@yandex.ru
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
