I am using the the same set of certificates in bot ES server and client.
I am trying to connect to the ES cluster manually and without the hostname verification for now.
But still getting the error:-
[2023-08-25T04:57:44.444+00:00][ERROR][plugins.interactiveSetup.elasticsearch] Failed to authenticate with host "https://192.168.1.38:9200": unable to verify the first certificate
[2023-08-25T04:58:01.635+00:00][INFO ][plugins-system.preboot] Stopping all plugins.
Do you have access to your kibana.yml file? Can you send paste the content here. And please ensure that those elasticsearch ssl certificate if the one you used in your elasticsearch nodes. Because I can see that your are pointing the elasticsearch ssl certs to your /usr/share/kibana... make sure the certs on that path for elasticsearch is actually the elasticsearch certs.
I entered inside the docker container and here is the kibana.yml file:-
kibana@b49d5114c916:~/config$ cat kibana.yml
THIS IS AN AUTO-GENERATED FILE
Default Kibana configuration for docker target
server.host: "0.0.0.0"
server.shutdownTimeout: "5s"
elasticsearch.hosts: [ "http://elasticsearch:9200" ]
monitoring.ui.container.elasticsearch.enabled: truekibana
It does not reflect the settings am passing as docker run, which I assume is expected behaviour.
I am using same set of certs in ELASTICSEARCH and KIBANA.
What do you mean by:-
Because I can see that your are pointing the elasticsearch ssl certs to your /usr/share/kibana... make sure the certs on that path for elasticsearch is actually the elasticsearch certs.
Shouldn't It be /usr/share/kibana...
If not , do let me know what is the correct path.
The reason why kibana.yml file is not reflecting the settings you are passing in your docker run is because the docker run is overriding the settings in the kibana.yml file. Docker will always take precedence over the settings in the kibana.yml file.
This is what you are currently doing, for example.
sudo docker run -p 5601:5601 -e
ELASTICSEARCH.SSL.CERTIFICATEAUTHORITIES=/usr/share/kibana/config/certs/CA.pem
is the elasticsearch CA in this path /usr/share/kibana/config/certs/CA.pem ? If you are using a self signed, this is going to be different from the Kibana's CA. So make sure you are using the CA for elasticsearch in the path.
[2023-08-25T11:44:31.170+00:00][ERROR][plugins.interactiveSetup.elasticsearch] Failed to authenticate with host "https://192.168.1.38:9200": unable to verify the first certificate
Also, why are you asking about 8.7.0?
Is there anything in 8.7.0 which I should be concerned with?
And, If I want to connect to the ES server running in some other network and kibana in some other network, Can't I connect to it manually?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.