Hi so I'm trying to connect Kibana to Elasticsearch both of which have the Shield Plugin installed and both are running at the moment of this testing on the same machine. I have followed the guides from elastic: https://www.elastic.co/guide/en/shield/current/kibana.html, https://www.elastic.co/guide/en/shield/current/ssl-tls.html#generate-csr. I was able to use the keytool to generate a certificate and private key into the keystore and then used both to create a CSR which I submitted to Comodo and received back a signed certificate. I then followed instructions and downloaded the X509, Base64 encoded certificate and imported it into the keystore. The issue that I am running into is in the Kibana.yml file, its requesting the path for server.ssl.cert and server.ssl.key. I have tried pointing it to the keystore and pointing the server.ssl.cert to the downloaded cert and both have yield no results. I am wondering if the server.ssl.key is not pointed correctly. Where would the key reside if not the keystore in this case? Also do I have to worry about the elasticsearch.ssl.ca option too in the Kibana.yml? Should that be pointing to the keystore as well? Lastly, for setting the shield.encryptionKey is this something that I make up or should I put the password for the keystore here? Thanks for all the help in advance!
Also here is a copy of the log file for Kibana:
FATAL { [Error: shield.encryptionKey is required in kibana.yml.]
cause: [Error: shield.encryptionKey is required in kibana.yml.],
isOperational: true }
FATAL [Error: error:0906D06C:PEM routines:PEM_read_bio:no start line]
FATAL [Error: error:0906D06C:PEM routines:PEM_read_bio:no start line]
FATAL [Error: error:0906D06C:PEM routines:PEM_read_bio:no start line]
FATAL [Error: error:0906D06C:PEM routines:PEM_read_bio:no start line]
FATAL [Error: error:0906D06C:PEM routines:PEM_read_bio:no start line]
FATAL [Error: error:0906D06C:PEM routines:PEM_read_bio:no start line]
FATAL [Error: error:0906D06C:PEM routines:PEM_read_bio:no start line]
FATAL [Error: error:0906D06C:PEM routines:PEM_read_bio:no start line]
FATAL [Error: error:0906D06C:PEM routines:PEM_read_bio:no start line]
FATAL { [Error: HTTPS is required. Please set server.ssl.key and server.ssl.cert in kibana.yml.]
cause: [Error: HTTPS is required. Please set server.ssl.key and server.ssl.cert in kibana.yml.],
isOperational: true }
FATAL { [Error: EACCES, permission denied '/home//<cert_name.crt>']
errno: -13,
code: 'EACCES',
path: '/home//<cert_name.crt>',
syscall: 'open' }
FATAL { [Error: EACCES, permission denied '/home//<cert_name.cer>']
errno: -13,
code: 'EACCES',
path: '/home//<cert_name.cer>',
syscall: 'open' }
FATAL { [Error: EACCES, permission denied '/home//<cert_name.crt>']
errno: -13,
code: 'EACCES',
path: '/home//<cert_name.crt>',
syscall: 'open' }
FATAL { [Error: EACCES, permission denied '/home//<cert_name.crt>']
errno: -13,
code: 'EACCES',
path: '/home//<cert_name.crt>',
syscall: 'open' }
FATAL { [Error: EACCES, permission denied '/home//<cert_name.cer>']
errno: -13,
code: 'EACCES',
path: '/home//<cert_name.cer>',
syscall: 'open' }
FATAL { [Error: HTTPS is required. Please set server.ssl.key and server.ssl.cert in kibana.yml.]
cause: [Error: HTTPS is required. Please set server.ssl.key and server.ssl.cert in kibana.yml.],
isOperational: true }