I've manage to build our ELK environment on Ubuntu 20.0.4 (not Docker) and setup Elastiflow, it works great and I followed this guide which also uses self certs, so we just access using https://1.2.3.4:5601 for example.
I've now been asked to use a proper FQDN for it like https://vmnetflow.mydomain.com and the team that looks after our certificates have given me 2 files. Btw I'm not expert at certificates or ELK.
Then edited the Elasticsearch and kibana yml files to point to these. I then restart the services which are successful and then try the url of https://vmnetflow.mydomain.com and it says it can't connect, not page loads at all. If I try using the IP I get the same issue.
I'm not entirely sure what I need do next to check.
My elastiflow config here. I've # out the working self certs (3 lines) so you can see the working ones too.
If I just change the cert path in the Elasticsearch.yml first (I'm not sure if I have to do the Kibana.yml to or can do after) then the log file doesn't show any errors, but the page doesn't load and says:
"{"statusCode":503,"error":"Service Unavailable","message":"License is not available."}:
[2022-01-12T17:25:41,521][INFO ][o.e.c.r.a.AllocationService] [svr-elastiflow] Cluster health status changed from [RED] to [GREEN] (reason: [shards started [[.kibana-event-log-7.15.0-000001][0]]]).
We'll need to see the Kibana logs to know why Kibana isn't working.
There is not much in the kabana.log in /var/log/kibana.log after I restart the service:
{"type":"log","@timestamp":"2022-01-13T13:35:16+00:00","tags":["info","plugins-system","standard"],"pid":2473,"message":"Stopping all plugins."}
{"type":"log","@timestamp":"2022-01-13T13:35:16+00:00","tags":["info","plugins","monitoring","monitoring","kibana-monitoring"],"pid":2473,"message":"Monitoring stats collection is stopped"}
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.