I’m new to Kibana and trying to install search guard on Kibana 6.6.1, to enable role based access control.
Please help me understand the following.
Docs Referred:
Hi,
Hi,
Thanks for your response. I could test and it’s working.
Can you provide me some pointers on enabling TLS on that. (Currently, it’s using http and not https).
What exactly do you mean? TLS on the Elasticsearch REST API or TLS for accessing Kibana?
It’s for accessing Kibana and Elastic Search. If we try running the docker-compose and access the URL on the local host, it uses http protocol. I’m trying to understand the steps that need to be performed to make it https.
i.e. Access using https://localhost:5601 instead of http://localhost:5601.
For Kibana, you can refer to the official docs regarding TLS:
https://www.elastic.co/guide/en/kibana/6.7/configuring-tls.html
The TLS config needs to be added to the kibana.yml:
In order to get the needed certificates, you can either use a certificate from a well known CA like Thawte. Or you can generate your own.
In the first case, your browser will happily accept the certificates because they are signed by a known and trusted CA. The downside is you need to pay for them.
You can also generate your own, for example by using our TLS certificate generator:
In that case, you will see a browser warning about the self-signed certificate that you will need to accept.
Hi,
I tried following the document and generate certificates using the offline TLS Tool. After generating the certificates, I have copied all those certs to the kibana/config folder and tried starting the services.
(Updated the kibana.yml with ssl related parameters). But, receiving the following error.
“FATAL Error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt”.
I tried various combinations of the .pem and .key files, but nothing worked.
(In the following lines, I have provided root key entries, but I have tried with node1, spoc, kirk and other options too)
– Sample kibana.yml new lines –
server.ssl.enabled: true
server.ssl.key: /usr/share/kibana/config/root.key
server.ssl.certificate: /usr/share/kibana/config/root.pem
can you please guide on how to fix this and also what needs to be done for making https call to elastic search as well.
Hi,
The issue is fixed after I regenerated the certificates using openssl.
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout kibana-access.key -out kibana-access.pem
Currently, when I login to kibana as the users kibanaserver or kibanaro or readall, I’m able to create/delete indices created by other users as well. I’m trying to restrict these by allowing index creation privilege to be provided only to kibanaserver user.
Please let me know if you are aware of any documentation that can be referred for changing the privileges for each of the users.
-Thanks.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.