Unable to retrieve version information from Elasticsearch nodes. socket hang up

EliWallic · February 13, 2022, 10:01am

Hello,

I am new at this topic and trying to install an ELK as described in the installation docs.
It seems to be all fine except that Kibana cannot connect to Elasticsearch.
I am getting the error message in the Kiba alog:
Unable to retrieve version information from Elasticsearch nodes. socket hang up

Elasticsearch.yml

# Enable security features
xpack.security.enabled: true

xpack.security.enrollment.enabled: true

# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12

# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
cluster.initial_master_nodes: ["ELK"]

# Allow HTTP API connections from localhost and local networks
# Connections are encrypted and require user authentication
http.host: [_local_, _site_]

kibana.yml

elasticsearch.hosts: ["http://localhost:9200"]
elasticsearch.serviceAccountToken: "token which was created with lasticsearch-create-enrollment-token -s kibana"
xpack.encryptedSavedObjects.encryptionKey: xxxxxxxxxxxxxxxxxx
xpack.reporting.encryptionKey: xxxxxxxxxxxxxxxxxxxxx
xpack.security.encryptionKey: xxxxxxxxxxxxxxxxxxxxxxx

As far as I understood for Elasticsearch xpack is enabled by default but i didnt saw an howto in the installation guide for Kibana for securing the connection to Elasticsearch.

Do i have to create an user or serviceuser in Elasticsearch or do I have to create an new ca with new certificates which hast to be set in Elasticsearch.yml and kibana.yml?

Thanks a lot for any informatin

Bewst regards

EliWallic · February 13, 2022, 11:17am

Forgot to set https for Elasticsearch.
No I am getting the error:
Unable to retrieve version information from Elasticsearch nodes. self signed certificate in certificate chain

Best regards

ikakavas · February 13, 2022, 3:49pm

Hi there ! Security features are enabled by default in Elasticsearch and kibana as of version. 8.0.0 !

When you installed Elasticsearch, the first time you started it up, you would have received a password for the elastic user and an enrolment token that you could use to configure kibana. If you didn’t make use of these, you can still take advantage of the simplified setup :

Create an enrolment token in Elasticsearch with

elasticsearch-create-enrollment-token -s kibana

Reinstall kibana , start it and follow the instructions in your browser. It will ask you to enter the enrollment token you just created and kibana will configure itself to talk to Elasticsearch

See here too Install Kibana from archive on Linux or macOS | Kibana Guide [8.0] | Elastic

EliWallic · February 13, 2022, 9:18pm

Thanks for the hint. Unfortunately there were little more steps needed but its runnign now.
Thanks a lot.

Best regards

system · March 13, 2022, 9:18pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.