Hello -
I'm running Elastic/Kibana version 7.16.2 on Linux with SSL enabled and CA signed certs.
My TLS related Kibana settings are:
server.ssl.enabled: true
server.ssl.certificate: /path/to/server.crt
server.ssl.key: /path/to/server.key
server.ssl.supportedProtocols: ["TLSv1.1", "TLSv1.2"]
elasticsearch.ssl.certificateAuthorities: ["/path/to/ca.crt"]
xpack.encryptedSavedObjects.encryptionKey: somelongstring.....
xpack.action.ssl.verificationMode: certificate
When trying to test my webhook connector from the Kibana Rules and Connectors interface I get the following TLS error:
[ECONNRESET] Client network socket disconnected before secure TLS connection was established
My endpoint is a NiFi server which requires authentication. I can successfully run the following curl command from my Kibana host to the NiFi host:
curl -XPOST --cert /path/to/server.crt --key /path/to/server.key --cacert /path/to/ca.crt 'https://somenifihost:12345'
When running this curl command I see in the NiFi logs that curl is passing my cert. However, when running Test from the Kibana Rules and Connectors interface I see no indication that Kibana is passing a certificate in the NiFi logs.
The error that NiFi is throwing (shown below), is incidental to the error I get if I try and curl to NiFi without any certificates which makes me believe Kibana is not passing the certificate to NiFi.
javax.net.ssl.SSLHandshakeException: Empty server certificate chain
I increased logging in Kibana but that didn't show me any useful information.
If I set "xpack.actions.ssl.verificationMode: none" and disable authentication in NiFi the webhook works as expected.
Any help would be greatly appreciated.
Thanks,
Butch