kibana status RED after configuring Search Guard with Kibana

Hi folks,

I’m using kibana, elasticsearch and searchguard 5 latest versions

java version “1.8.0_112”

on two nodes cluster: 192.168.40.174 and 192.168.40.175 and I included all the configuration from the first node

I configured SSL communication between nodes successfully and search guard with kibana too:

tools/sgadmin.sh -cd sgconfig/ -ks sgconfig/kirk-keystore.jks -ts sgconfig/truststore.jks -nhnv -h 192.168.40.174 -h 192.168.40.175
Search Guard Admin v5
Will connect to 192.168.40.174:9300 ... done
Contacting elasticsearch cluster 'elasticsearch' and wait for YELLOW clusterstate ...
Clustername: elasticsearch
Clusterstate: GREEN
Number of nodes: 2
Number of data nodes: 2
searchguard index already exists, so we do not need to create one.
Populate config from /usr/share/elasticsearch/plugins/search-guard-5/sgconfig
Will update 'config' with sgconfig/sg_config.yml
   SUCC: Configuration for 'config' created or updated
Will update 'roles' with sgconfig/sg_roles.yml
   SUCC: Configuration for 'roles' created or updated
Will update 'rolesmapping' with sgconfig/sg_roles_mapping.yml
   SUCC: Configuration for 'rolesmapping' created or updated
Will update 'internalusers' with sgconfig/sg_internal_users.yml
   SUCC: Configuration for 'internalusers' created or updated
Will update 'actiongroups' with sgconfig/sg_action_groups.yml
   SUCC: Configuration for 'actiongroups' created or updated
Done with success

But as you can see from the attachment: Unable to connect to Elasticsearch at https://192.168.40.174:9200.

Thanks,

elasticsearch.yml (1.09 KB)

jvm.options (2.82 KB)

log4j2.properties (3.9 KB)

node-0-keystore.jks (4.39 KB)

truststore.jks (1.07 KB)

kibana.yml (3.55 KB)

root-ca.pem (1.41 KB)

sg_roles.yml (155 Bytes)

elasticsearch.yml.example (3.11 KB)

kirk-keystore.jks (4.32 KB)

node-0-keystore.jks (4.39 KB)

sg_action_groups.yml (1.16 KB)

sg_config.yml (8.59 KB)

sg_internal_users.yml (1.41 KB)

sg_roles.yml (4.5 KB)

sg_roles_mapping.yml (951 Bytes)

truststore.jks (1.07 KB)

Please send us the complete logfile (from the point in time elasticsearch starts until sgadmin finishes) on DEBUG level.
Looking at your config files, it seems you mix yml with json somehow?

···

On 27.01.2017 at 15:18, Oucéma Bellagha <bellagha.oucema@gmail.com> wrote:

Hi folks,

I'm using kibana, elasticsearch and searchguard 5 latest versions
java version "1.8.0_112"

on two nodes cluster: 192.168.40.174 and 192.168.40.175 and I included all the configuration from the first node
I configured SSL communication between nodes successfully and search guard with kibana too:

tools/sgadmin.sh -cd sgconfig/ -ks sgconfig/kirk-keystore.jks -ts sgconfig/truststore.jks -nhnv -h 192.168.40.174 -h 192.168.40.175
Search Guard Admin v5
Will connect to 192.168.40.174:9300 ... done
Contacting elasticsearch cluster 'elasticsearch' and wait for YELLOW clusterstate ...
Clustername: elasticsearch
Clusterstate: GREEN
Number of nodes: 2
Number of data nodes: 2
searchguard index already exists, so we do not need to create one.
Populate config from /usr/share/elasticsearch/plugins/search-guard-5/sgconfig
Will update 'config' with sgconfig/sg_config.yml
   SUCC: Configuration for 'config' created or updated
Will update 'roles' with sgconfig/sg_roles.yml
   SUCC: Configuration for 'roles' created or updated
Will update 'rolesmapping' with sgconfig/sg_roles_mapping.yml
   SUCC: Configuration for 'rolesmapping' created or updated
Will update 'internalusers' with sgconfig/sg_internal_users.yml
   SUCC: Configuration for 'internalusers' created or updated
Will update 'actiongroups' with sgconfig/sg_action_groups.yml
   SUCC: Configuration for 'actiongroups' created or updated
Done with success

But as you can see from the attachment: Unable to connect to Elasticsearch at https://192.168.40.174:9200.

Thanks,


Here’s the debug file.

I need to fix this for a POC, so mixing json somehow is not an answer.

Thanks,

sgadmin_diag_trace_2017-Jan-30_08-25-27.txt (149 KB)

searchfuard conf.rar (25.4 KB)

···

In /var/log/elasticsearch/elasticsearch.log

[c.f.s.h.SearchGuardHttpServerTransport] [ekf1] Someone speaks plaintext instead of ssl, will close the channel

If you use TLS on the REST layer (“https”), you need to configure Kibana to use HTTPS as well, as described in the docs:

elasticsearch.url: "https://example.com:9200/"

If you use self-signed certificates, disable verification as well:

elasticsearch.ssl.verify: false

···

On Monday, 30 January 2017 10:15:03 UTC+1, Oucema Bellagha wrote:

[c.f.s.h.SearchGuardHttpServerTransport] [ekf1] Someone speaks plaintext instead of ssl, will close the channel

In /var/log/elasticsearch/elasticsearch.log

I configured kibana to use TLS as described in https://github.com/floragunncom/search-guard-docs/blob/master/kibana.md. Here’s my kibana.yml now:

console.proxyConfig:

···

match:

protocol: https

ssl:

verify: false

elasticsearch.password: kibanaserver

elasticsearch.ssl.ca: /etc/kibana/root-ca.pem

elasticsearch.url: "https://192.168.40.174:9200"

elasticsearch.username: kibanaserver

server.host: "192.168.40.174"

server.port: 5601

But nothing shows up in https://192.168.40.174:5601/

In the logs, when I refresh the page https://192.168.40.174:5601/, I get this error message:

{"type":"log","@timestamp":"2017-01-30T09:34:08Z","tags":["connection","client","error"],"pid":45612,"level":"error","message":"Parse Error","error":{"message":"Parse Error","name":"Error","stack":"Error: Parse Error\n at Error (native)","code":"HPE_INVALID_METHOD"}}

Thanks,
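
Both log lines quoted in this thread come from a listener receiving bytes in the other protocol: Search Guard's "Someone speaks plaintext instead of ssl" on a TLS-enabled REST port, and HPE_INVALID_METHOD, the code Node's HTTP parser reports when a request does not begin with an HTTP method (as is the case for a TLS handshake). The Python sketch below is an added example, not code from the thread or from the Search Guard project; `classify_first_bytes`, `client_hello_bytes` and `probe_listener` are hypothetical helper names, and the sample request is constructed.

```python
import socket
import ssl

HTTP_METHODS = (b"GET ", b"HEAD ", b"POST ", b"PUT ", b"DELETE ", b"OPTIONS ", b"PATCH ")

def classify_first_bytes(data: bytes) -> str:
    """Classify the first bytes a listener receives from a client."""
    # A TLS handshake record starts with type 0x16 and major version 0x03.
    if len(data) >= 3 and data[0] == 0x16 and data[1] == 0x03:
        return "tls"
    if data.startswith(HTTP_METHODS):
        return "plaintext-http"
    return "unknown"

def client_hello_bytes(server_name: str = "localhost") -> bytes:
    """Produce a real TLS ClientHello in memory (no network needed)."""
    ctx = ssl.create_default_context()
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=server_name)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the ClientHello is written, the server reply is missing
    return outgoing.read()

def probe_listener(host: str, port: int, timeout: float = 3.0) -> str:
    """Report whether host:port completes a TLS handshake or answers plain HTTP."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # protocol detection only: certificate trust
    ctx.verify_mode = ssl.CERT_NONE  # is not evaluated, do not reuse for real traffic
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "unreachable"
    try:
        with ctx.wrap_socket(raw):
            return "tls"
    except OSError:  # ssl.SSLError is a subclass of OSError
        pass
    try:
        with socket.create_connection((host, port), timeout=timeout) as plain:
            plain.sendall(b"HEAD / HTTP/1.0\r\n\r\n")
            reply = plain.recv(16)
    except OSError:
        return "unknown"
    return "plaintext-http" if reply.startswith(b"HTTP/") else "unknown"

if __name__ == "__main__":
    print(classify_first_bytes(b"GET /api/status HTTP/1.1\r\n"))  # constructed request
    print(classify_first_bytes(client_hello_bytes()))
```

Run against the hosts in this thread, `probe_listener("192.168.40.174", 9200)` and `probe_listener("192.168.40.174", 5601)` report which protocol each port speaks; the scheme in `elasticsearch.url` and in the browser URL has to match the result.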