i discovered that:
curl -u $user:$password “https://:9200$esmaster/_searchguard/authinfo?pretty”
gets rejected with:
“Authentication finally failed”, which is fine. Adding my certs to that call, authentication is successful.
Login into kibana, with exactly the same credentials as in that curl-command, i get access as well.
logger.searchguard.name = com.floragunn
logger.searchguard.level = debug
I can see, that the authenticated user is the FQDN of the host, kibana is running on. But the login is happening on my localhost.
And my kibana.yml configures:
Now, I am really confused. What is going on, and how can I tell kibana to use certs integrated in the browser to do authentication?
On Wednesday, September 19, 2018 at 5:31:38 PM UTC+2, hage42 wrote:
I am running Elasticsearch+Searchguard+Kibana+Searchguard-Kibana-Plugin 6.3.2.
I am authenticating my users against Searchguard using certs, like:
I am trying to authenticate my kibana-users the same way, but I wasn’t successful so far. So my question is:
Is it possible at all? Or is the only change to auth with kibana+searchguard (not using LDAP of the commercial version) using the basic-auth with the internal_users-db?
Thanks in advance