Unable to get HTTPS working on Kibana

Hi. Trying to get Kibana accessible via HTTPS but it's not working. I have a Platinum license.
I have certs configured on my ES nodes and they are communicating via SSL.
When I try to enable the HTTPS config in Kibana my /var/log/messages file gets filled up with these error messages:

Jun  2 19:31:34 kibana1 kibana: {"type":"error","@timestamp":"2018-06-02T09:31:34Z","tags":["fatal"],"pid":14256,"level":"fatal","error":{"message":"child \"xpack\" fails because [child \"security\" fails because [\"http\" is not allowed]]","name":"ValidationError","stack":"ValidationError: child \"xpack\" fails because [child \"security\" fails because [\"http\" is not allowed]]\n    at Object.exports.process (/usr/share/kibana/node_modules/joi/lib/errors.js:181:19)\n    at _validateWithOptions (/usr/share/kibana/node_modules/joi/lib/any.js:651:31)\n    at root.validate (/usr/share/kibana/node_modules/joi/lib/index.js:121:23)\n    at Config._commit (/usr/share/kibana/src/server/config/config.js:119:35)\n    at Config.set (/usr/share/kibana/src/server/config/config.js:89:10)\n    at Config.extendSchema (/usr/share/kibana/src/server/config/config.js:62:10)\n    at /usr/share/kibana/src/plugin_discovery/plugin_config/extend_config_service.js:22:12\n    at next (native)\n    at step (/usr/share/kibana/src/plugin_discovery/plugin_config/extend_config_service.js:45:191)\n    at /usr/share/kibana/src/plugin_discovery/plugin_config/extend_config_service.js:45:361"},"message":"child \"xpack\" fails because [child \"security\" fails because [\"http\" is not allowed]]"}
Jun  2 19:31:34 kibana1 systemd: kibana.service: main process exited, code=exited, status=1/FAILURE
Jun  2 19:31:34 kibana1 systemd: Unit kibana.service entered failed state.
Jun  2 19:31:34 kibana1 systemd: kibana.service failed.
Jun  2 19:31:34 kibana1 systemd: kibana.service holdoff time over, scheduling restart.
Jun  2 19:31:34 kibana1 systemd: Started Kibana.
Jun  2 19:31:34 kibana1 systemd: Starting Kibana...

Then it just goes into a loop...

Extract of my /etc/kibana/kibana.yml with the x-pack part:

xpack.security.encryptionKey: "1234563872093741209384876237890123"
xpack.security.sessionTimeout: 600000
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.key: /etc/kibana/kibana1.key
xpack.security.http.ssl.certificate: /etc/kibana/kibana1.pem
xpack.security.http.ssl.certificate_authorities: [ "/etc/kibana/elastic_ca.pem" ]

Please reach the support team. That might be the best way to move forward.

It looks like you are trying to use Elasticsearch settings in your Kibana config.

xpack.security.http.ssl.enabled is part of X-Pack for Elasticsearch, not Kibana.

The instructions for enabling SSL in Kibana are here

• https://www.elastic.co/guide/en/kibana/current/production.html#enabling-ssl

Ahh yes.
Fixed and now it's working!
I can login with https:/kibana1:5601.

This is an extract of my kibana.yml file:

elasticsearch.username: "kibana"
elasticsearch.password: "blah_+blah"

server.ssl.enabled: true
server.ssl.key: /etc/kibana/kibana1.key
server.ssl.certificate: /etc/kibana/kibana1.pem

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.