Hi. Trying to get Kibana accessible via HTTPS but it's not working. I have a Platinum license.
I have certs configured on my ES nodes and they are communicating via SSL.
When I try to enable the HTTPS config in Kibana my /var/log/messages file gets filled up with these error messages:
Jun 2 19:31:34 kibana1 kibana: {"type":"error","@timestamp":"2018-06-02T09:31:34Z","tags":["fatal"],"pid":14256,"level":"fatal","error":{"message":"child \"xpack\" fails because [child \"security\" fails because [\"http\" is not allowed]]","name":"ValidationError","stack":"ValidationError: child \"xpack\" fails because [child \"security\" fails because [\"http\" is not allowed]]\n at Object.exports.process (/usr/share/kibana/node_modules/joi/lib/errors.js:181:19)\n at _validateWithOptions (/usr/share/kibana/node_modules/joi/lib/any.js:651:31)\n at root.validate (/usr/share/kibana/node_modules/joi/lib/index.js:121:23)\n at Config._commit (/usr/share/kibana/src/server/config/config.js:119:35)\n at Config.set (/usr/share/kibana/src/server/config/config.js:89:10)\n at Config.extendSchema (/usr/share/kibana/src/server/config/config.js:62:10)\n at /usr/share/kibana/src/plugin_discovery/plugin_config/extend_config_service.js:22:12\n at next (native)\n at step (/usr/share/kibana/src/plugin_discovery/plugin_config/extend_config_service.js:45:191)\n at /usr/share/kibana/src/plugin_discovery/plugin_config/extend_config_service.js:45:361"},"message":"child \"xpack\" fails because [child \"security\" fails because [\"http\" is not allowed]]"}
Jun 2 19:31:34 kibana1 systemd: kibana.service: main process exited, code=exited, status=1/FAILURE
Jun 2 19:31:34 kibana1 systemd: Unit kibana.service entered failed state.
Jun 2 19:31:34 kibana1 systemd: kibana.service failed.
Jun 2 19:31:34 kibana1 systemd: kibana.service holdoff time over, scheduling restart.
Jun 2 19:31:34 kibana1 systemd: Started Kibana.
Jun 2 19:31:34 kibana1 systemd: Starting Kibana...
Then it just goes into a loop...
Extract of my /etc/kibana/kibana.yml with the x-pack part:
xpack.security.encryptionKey: "1234563872093741209384876237890123"
xpack.security.sessionTimeout: 600000
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.key: /etc/kibana/kibana1.key
xpack.security.http.ssl.certificate: /etc/kibana/kibana1.pem
xpack.security.http.ssl.certificate_authorities: [ "/etc/kibana/elastic_ca.pem" ]