I've read other related questions and I confirmed this is a new question
I have started the elasticsearch service, but because other clients will report certificate errors, I turned off ssl in config/elasticsearch.yml
# elasticsearch.yml
# Enable security features
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
enabled: false
keystore.path: certs/http.p12
# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
enabled: false
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12
This allows me to use http requests to run information
PS D:\workspace> curl -u elastic:password http://192.168.1.116:9200/
{
"name" : "DESKTOP-2UC2O3V",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "w5AagL97RGWHEWN2qKbQ5w",
"version" : {
"number" : "8.11.1",
"build_flavor" : "default",
"build_type" : "zip",
"build_hash" : "6f9ff581fbcde658e6f69d6ce03050f060d1fd0c",
"build_date" : "2023-11-11T10:05:59.421038163Z",
"build_snapshot" : false,
"lucene_version" : "9.8.0",
"minimum_wire_compatibility_version" : "7.17.0",
"minimum_index_compatibility_version" : "7.0.0"
},
"tagline" : "You Know, for Search"
}
PS D:\workspace>
But when I start kibana, the console will report an error
[2023-11-18T09:51:12.910+08:00][ERROR][elasticsearch-service] Unable to retrieve version information from Elasticsearch nodes. security_exception
Root causes:
security_exception: missing authentication credentials for REST request [/_nodes?filter_path=nodes.*.version%2Cnodes.*.http.publish_address%2Cnodes.*.ip]
But when I use curl to request this address, there is no problem
PS D:\workspace> curl -u elastic:password http://192.168.1.116:9200/_nodes?filter_path=nodes.*.version%2Cnodes.*.http.publish_address%2Cnodes.*.ip
{"nodes":{"oIXkXqt7RJiwVY7mwm8alA":{"ip":"127.0.0.1","version":"8.11.1","http":{"publish_address":"172.22.48.1:9200"}}}}
Even when I stop elasticsearch, I can start kibana normally. I speculate that when kibana starts, it will first determine whether there is an elasticsearch service locally. If so, it will directly request the local one without entering the configuration?
I also tried modifying the ssl verification in kibana.yml
# kibana.yml
elasticsearch.ssl.verificationMode: none
But he still doesn't work properly,
When I open localhos:5601, it says
Kibana server is not ready yet.
What should I do now to ignore ssl when kibana requests elasticsearch