Hi Team,
I was trying to use the HTTPS authentication in my ELK Stack, but it is not working. I have used the existing keystore.jks in readonlyrest.yml file.
Elasticsearch is getting started on HTTP but not on HTTPS, whereas Kibana gives “Kibana server is not ready yet”
I have added below in elasticsearch.yml
http.type: ssl_netty4
transport.type: ror_ssl_internode
readonlyrest.yml:
readonlyrest:
enable: true
access_control_rules:
- name: "Basic Authentication to get started with"
indices: ["*"]
type: "allow"
auth_key: "xxx:yyy"
ssl:
keystore_file: "/etc/elasticsearch/keystore.jks"
keystore_pass: xxxx
key_pass: xxxx
ssl_internode:
keystore_file: "/etc/elasticsearch/keystore.jks"
keystore_pass: xxxx
key_pass: xxxx
certificate_verification: true
And have updated the elasticsearch url from HTTP to HTTPS in kibana.yml.
Filebeat.yml
filebeat.inputs:
- type: log
enabled: true
paths:
- /xxxxx/logs/*
setup.template.enabled: false
output.logstash:
hosts: ["log-01:5044", "log-02:5044", "log-03:5044"]
#enabled: true
loadbalance: true
setup.kibana:
host: "xxxx:5601"
Error logs in Elasticsearch
[2019-11-28T06:57:30,454][INFO ][o.e.l.LicenseService ] [cs-es-node-01] license [1bcd9dd7-3a24-475a-a401-a97df98ac161] mode [basic] - valid
[2019-11-28T06:57:30,547][INFO ][t.b.r.u.SSLCertParser$ ] [cs-es-node-01] ROR SSL: attempting with JKS keystore…
[2019-11-28T06:57:30,621][INFO ][t.b.r.u.SSLCertParser$ ] [cs-es-node-01] ROR SSL: ssl.key_alias not configured, took first alias in keystore: hellenicacademicandresearchinstitutionsrootca2011
[2019-11-28T06:57:30,625][ERROR][t.b.r.u.SSLCertParser$ ] [cs-es-node-01] ROR SSL: Failed to load SSL certs and keys from JKS Keystore! MalformedSslSettings: Private key not found in keystore for alias: hellenicacademicandresearchinstitutionsrootca2011
tech.beshu.ror.utils.MalformedSslSettings: Private key not found in keystore for alias: hellenicacademicandresearchinstitutionsrootca2011
at tech.beshu.ror.utils.SSLCertParser$.$anonfun$tryRun$1(SSLCertParser.scala:79) ~[core-1.18.8.jar:?]
at scala.runtime.java8.JFunction0$mcV$sp.apply(JFunction0$mcV$sp.java:23) ~[scala-library-2.12.9.jar:?]
at scala.util.Try$.apply(Try.scala:213) ~[scala-library-2.12.9.jar:?]
at tech.beshu.ror.utils.SSLCertParser$.tryRun(SSLCertParser.scala:55) ~[core-1.18.8.jar:?]
at tech.beshu.ror.utils.SSLCertParser$.run(SSLCertParser.scala:37) [core-1.18.8.jar:?]
at tech.beshu.ror.es.ssl.SSLNetty4HttpServerTransport$SSLHandler.$anonfun$new$1(SSLNetty4HttpServerTransport.scala:64) [readonlyrest-1.18.8_es7.3.2.jar:?]
Error logs in Kibana
“message”:“PollError No Living connections”}
“message”:“No living connections”}
Please help me. I am a newbie in ELK and I know i am doing something wrong here.
Br
Pankaj N