Hello,
I am new at this topic and trying to install an ELK as described in the installation docs.
It seems to be all fine except that Kibana cannot connect to Elasticsearch.
I am getting the error message in the Kibana log:
Unable to retrieve version information from Elasticsearch nodes. socket hang up
Elasticsearch.yml
# Enable security features
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12
# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
cluster.initial_master_nodes: ["ELK"]
# Allow HTTP API connections from localhost and local networks
# Connections are encrypted and require user authentication
http.host: [_local_, _site_]
kibana.yml
elasticsearch.hosts: ["http://localhost:9200"]
elasticsearch.serviceAccountToken: "token which was created with elasticsearch-create-enrollment-token -s kibana"
xpack.encryptedSavedObjects.encryptionKey: xxxxxxxxxxxxxxxxxx
xpack.reporting.encryptionKey: xxxxxxxxxxxxxxxxxxxxx
xpack.security.encryptionKey: xxxxxxxxxxxxxxxxxxxxxxx
As far as I understood, for Elasticsearch xpack is enabled by default, but I didn't see a how-to in the installation guide for Kibana for securing the connection to Elasticsearch.
Do I have to create a user or service user in Elasticsearch, or do I have to create a new CA with new certificates which has to be set in Elasticsearch.yml and kibana.yml?
Thanks a lot for any information
Best regards
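
A consistency check over the two files posted above, added here as an example and not part of the original post: it flags a Kibana `elasticsearch.hosts` URL whose scheme does not match `xpack.security.http.ssl.enabled`, and a missing `elasticsearch.ssl.certificateAuthorities`. The `flatten` and `check` helpers and the sample strings are constructed for illustration and handle only the YAML subset shown.

```python
import re

# Constructed sample input: the relevant lines of the two files in the post,
# with the nested ssl block indented; the token value is a placeholder.
ELASTICSEARCH_YML = """\
xpack.security.enabled: true
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12
http.host: [_local_, _site_]
"""
KIBANA_YML = """\
elasticsearch.hosts: ["http://localhost:9200"]
elasticsearch.serviceAccountToken: "PLACEHOLDER_TOKEN"
"""

def flatten(text):
    """Flatten the small YAML subset used here into dotted setting names."""
    settings, parents = {}, []  # parents: stack of (indent, key) for open blocks
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip())
        key, _, value = raw.strip().partition(":")
        while parents and parents[-1][0] >= indent:
            parents.pop()
        if value.strip():
            settings[".".join([k for _, k in parents] + [key])] = value.strip()
        else:
            parents.append((indent, key))
    return settings

def check(es_text, kibana_text):
    """Return findings where Kibana's client settings disagree with the ES HTTP layer."""
    es, kb = flatten(es_text), flatten(kibana_text)
    tls_on = es.get("xpack.security.http.ssl.enabled", "false").lower() == "true"
    findings = []
    for url in re.findall(r"https?://[^\"'\s,\]]+", kb.get("elasticsearch.hosts", "")):
        if tls_on and url.startswith("http://"):
            findings.append(f"{url}: plain HTTP sent to a TLS-enabled port, use https://")
        elif not tls_on and url.startswith("https://"):
            findings.append(f"{url}: https:// used but HTTP TLS is not enabled")
    if tls_on and "elasticsearch.ssl.certificateAuthorities" not in kb:
        findings.append("elasticsearch.ssl.certificateAuthorities not set: Kibana "
                        "needs the CA unless the certificate chains to one it already trusts")
    return findings

if __name__ == "__main__":
    for finding in check(ELASTICSEARCH_YML, KIBANA_YML):
        print("-", finding)
```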