Do "Kibana Keystore" work with SearchGuard?

Hello guys. Im currently testing the integration of ELK stack + searchguard.
I did create a few users as it follows in the documentation, with the sg_internal_users.yml and
It is working very nice. But something that i would like to do, would be, Not using the clear text password in my kibana.yml when using kibana.

so i, tried to use the Kibana Keystore in order to hide the clear text password. But when i start Kibana, i get the following error:

“License information could not be obtained from Elasticsearch due to Authentication Exception :: {“path”:”/_xpack",“statusCode”:401,“response”:“Unauthorized”,“wwwAuthenticateDirective”:“Basic realm=\“Search Guard\””} error"}

and a few:

[ResponseError]: Response Error

I’ve been following either the Elk documentation and the SearchGuard Documentation in my deployment.
Would like to know if my “error” means that it is not possible to use the Kibana Keystore, or maybe im doing something wrong, or maybe SearchGuard gives us an alternative to it.

Thank you so much for your help

Just found out the solution. It was my bad.

I just created a kibana keystore with “elasticsearch.username” and “elasticsearch.password”, and it worked.

And removed those fields from the kibana .yml. I was creating just for the “elasticsearch.password” field, and probably it did run this bug. i dont know.

Even though, if there is a better way and secure way to do this, im avaliable to hear.

1 Like

I’m glad that you solved this. To add more security, make sure that a separate restricted user runs Kibana and Elasticsearch.

1 Like

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.