Watcher ssl fail

hofrichterovak · January 19, 2024, 12:56pm

Hello,

I read the documentation about sending email with PDF dashboard in the attachment >>> Automatically generate reports | Kibana Guide [8.9] | Elastic

I wanted to create my own watcher. My Kibana version is 7.17.8

Manually generating PDF reports works.

Problem is that my watcher has this alert:

    "actions": [
      {
        "id": "send_email",
        "type": "email",
        "status": "failure",
        "error": {
          "root_cause": [
            {
              "type": "s_s_l_handshake_exception",
              "reason": "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"
            }
          ],
          "type": "s_s_l_handshake_exception",
          "reason": "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target",
          "caused_by": {
            "type": "validator_exception",
            "reason": "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target",
            "caused_by": {
              "type": "sun_cert_path_builder_exception",
              "reason": "unable to find valid certification path to requested target"
            }
          }
        }
      }
    ]

My watcher looks like this. Please, how can I fix it?

{
  "trigger": {
    "schedule": {
      "interval": "3m"
    }
  },
  "input": {
    "none": {}
  },
  "condition": {
    "always": {}
  },
  "actions": {
    "send_email": {
      "email": {
        "profile": "standard",
        "attachments": {
          "xxx.pdf": {
            "reporting": {
              "url": "https://xxxxx.cz/api/reporting/generate/printablePdfV2?jobParams=h%3A%21f%2CviewMode%3Aview%29%2Cversion%3A%277.17.8%27%29%29%2CobjectType%3Adashboard%2Ctitle%3A%27GSK%20SQL%20DWH%27%2Cversion%3A%277.17.8%27%29",
              "retries": 40,
              "interval": "15s",
              "auth": {
                "basic": {
                  "username": "elastic",
                  "password": "::es_redacted::"
                }
              }
            }
          }
        },
        "to": [
          "katerina.xx@xx.cz"
        ],
        "subject": "YX"
      }
    }
  }
}

My elasticsearch.yml:

xpack.security.enabled: true	

xpack.security.transport.ssl.enabled: true	
xpack.security.transport.ssl.verification_mode: certificate	
xpack.security.transport.ssl.keystore.path: certs/master-1	
xpack.security.transport.ssl.truststore.path: certs/master-1	

xpack.security.http.ssl.enabled: true	
xpack.security.http.ssl.keystore.path: certs/master-1	
xpack.security.http.ssl.truststore.path: certs/master-1

xpack.http.ssl.key: "/etc/elasticsearch/certs/newfile.key.pem"
xpack.http.ssl.certificate: "/etc/elasticsearch/certs/newfile.crt.pem"
xpack.http.ssl.certificate_authorities: "/etc/elasticsearch/certs/ca.crt"
xpack.http.ssl.verification_mode: certificate
xpack.watcher.enabled: true

Thank you.

hofrichterovak · February 5, 2024, 1:57pm

Resolved with verification_mode: none.

system · March 4, 2024, 1:58pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Watcher for report with attachment failed due to ssl handshake exception Kibana elastic-stack-security , elastic-stack-alerting	4	3284	July 27, 2020
[KIBANA] Xpack notification Kibana elastic-stack-alerting	4	437	May 22, 2019
Kibana watcher error throwing SSL handshake even though CA is same for both Kibana & Elasticsearch Kibana elastic-stack-alerting	2	504	July 17, 2023
Watcher updates_documents is not working after v7.3 Elasticsearch	2	425	October 20, 2019
S_s_l_handshake_exception in watcher Elasticsearch elastic-stack-reporting , elastic-stack-alerting	1	601	November 21, 2022

Watcher ssl fail

Related topics