Watcher ssl fail

hofrichterovak · January 19, 2024, 12:56pm

Hello,

I read the documentation about sending email with PDF dashboard in the attachment >>> Automatically generate reports | Kibana Guide [8.9] | Elastic

I wanted to create my own watcher. My Kibana version is 7.17.8

Manually generating PDF reports works.

Problem is that my watcher has this alert:

    "actions": [
      {
        "id": "send_email",
        "type": "email",
        "status": "failure",
        "error": {
          "root_cause": [
            {
              "type": "s_s_l_handshake_exception",
              "reason": "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"
            }
          ],
          "type": "s_s_l_handshake_exception",
          "reason": "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target",
          "caused_by": {
            "type": "validator_exception",
            "reason": "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target",
            "caused_by": {
              "type": "sun_cert_path_builder_exception",
              "reason": "unable to find valid certification path to requested target"
            }
          }
        }
      }
    ]

My watcher looks like this. Please, how can I fix it?

{
  "trigger": {
    "schedule": {
      "interval": "3m"
    }
  },
  "input": {
    "none": {}
  },
  "condition": {
    "always": {}
  },
  "actions": {
    "send_email": {
      "email": {
        "profile": "standard",
        "attachments": {
          "xxx.pdf": {
            "reporting": {
              "url": "https://xxxxx.cz/api/reporting/generate/printablePdfV2?jobParams=h%3A%21f%2CviewMode%3Aview%29%2Cversion%3A%277.17.8%27%29%29%2CobjectType%3Adashboard%2Ctitle%3A%27GSK%20SQL%20DWH%27%2Cversion%3A%277.17.8%27%29",
              "retries": 40,
              "interval": "15s",
              "auth": {
                "basic": {
                  "username": "elastic",
                  "password": "::es_redacted::"
                }
              }
            }
          }
        },
        "to": [
          "katerina.xx@xx.cz"
        ],
        "subject": "YX"
      }
    }
  }
}

My elasticsearch.yml:

xpack.security.enabled: true	

xpack.security.transport.ssl.enabled: true	
xpack.security.transport.ssl.verification_mode: certificate	
xpack.security.transport.ssl.keystore.path: certs/master-1	
xpack.security.transport.ssl.truststore.path: certs/master-1	

xpack.security.http.ssl.enabled: true	
xpack.security.http.ssl.keystore.path: certs/master-1	
xpack.security.http.ssl.truststore.path: certs/master-1

xpack.http.ssl.key: "/etc/elasticsearch/certs/newfile.key.pem"
xpack.http.ssl.certificate: "/etc/elasticsearch/certs/newfile.crt.pem"
xpack.http.ssl.certificate_authorities: "/etc/elasticsearch/certs/ca.crt"
xpack.http.ssl.verification_mode: certificate
xpack.watcher.enabled: true

Thank you.

hofrichterovak · February 5, 2024, 1:57pm

Resolved with verification_mode: none.

system · March 4, 2024, 1:58pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Watcher for report with attachment failed due to ssl handshake exception Kibana elastic-stack-security , elastic-stack-alerting	4	3280	July 27, 2020
Kibana watcher error throwing SSL handshake even though CA is same for both Kibana & Elasticsearch Kibana elastic-stack-alerting	2	504	July 17, 2023
S_s_l_handshake_exception in watcher Elasticsearch elastic-stack-reporting , elastic-stack-alerting	1	601	November 21, 2022
Unable to find valid certification path to requested target Kibana elastic-stack-alerting	2	4843	July 6, 2021
Handshake error attaching report Kibana	2	367	August 24, 2020

Watcher ssl fail

Related Topics