Differences

This shows you the differences between two versions of the page.

--- elasticsearch-tls [2020/11/07 12:08] – baumi
+++ elasticsearch-tls [2020/11/08 12:41] (current) – baumi
@@ Line 3: / Line 3: @@
   - Shutdown elk-cluster
   - Add certificate path to elasticsearch config in docker-compose.yml<code>
-volumes:
+services:
-  - ./certs:/certs
+  elasticsearch:
+    volumes:
+      - ./certs:/certs
 </code>
   - Start elasticsearch<code>$ docker-compose up -d elasticsearch</code>
@@ Line 21: / Line 23: @@
 Please enter the desired output file [elastic-stack-ca.zip]:
 [root@elk-test-elasticsearch elasticsearch]# unzip -d /certs/ elastic-stack-ca.zip
+Archive:  elastic-stack-ca.zip
+   creating: /certs/ca/
+  inflating: /certs/ca/ca.crt
+  inflating: /certs/ca/ca.key
 [root@elk-test-elasticsearch elasticsearch]# bin/elasticsearch-certutil http
@@ Line 151: / Line 157: @@
   - ./elasticsearch/config/elasticsearch.p12:/usr/share/elasticsearch/config/elasticsearch.p12:ro
 </code>
-  - Copy P12 file to correct place<code>cp certs/elasticsearch/http.p12 elasticsearch/config/elasticsearch.p12</code>
+  - Copy P12 file to correct place<code>
+$ cp certs/elasticsearch/http.p12 elasticsearch/config/elasticsearch.p12
+$ sudo chown 1000:1000 elasticsearch/config/elasticsearch.p12
+$ sudo chmod 600 elasticsearch/config/elasticsearch.p12
+</code>
   - Update elasticsearch.yml<code>
 $ grep xpack elasticsearch/config/elasticsearch.yml
@@ Line 193: / Line 203: @@
 PASSWORD elastic = ***
 </code>
-  -
+===== Configure Kibana for TLS and User Authentication =====
+  - Copy CA file to correct path<code>
+$ cp certs/kibana/elasticsearch-ca.pem kibana/config/</code>
+  - Add CA file mount do docker-compose.yml<code>
+services:
+  kibana:
+    volumes:
+      - ./kibana/config/elasticsearch-ca.pem:/usr/share/kibana/config/elasticsearch-ca.pem:ro
+</code>
+  - Add TLS & authentication information to kibana.yml<code>
+elasticsearch:
+  hosts: [ "https://elk-test-elasticsearch:9200" ]
+  ssl.certificateAuthorities: [ "config/elasticsearch-ca.pem" ]
+  username: "kibana_system"
+  password: "***"
+</code>
+  - Restart elk-stack<code>
+$ docker-compose up -d && docker-compose logs -f
+</code>
+===== Move username & password from Kibana Config =====
+  - Create Keystore and populate with logon information<code>
+$ docker exec -it elk-test-kibana bash
+bash-4.2$ bin/kibana-keystore create
+Created Kibana keystore in /usr/share/kibana/config/kibana.keystore
+bash-4.2$ bin/kibana-keystore add elasticsearch.username
+Enter value for elasticsearch.username: *************
+bash-4.2$ bin/kibana-keystore add elasticsearch.password
+Enter value for elasticsearch.password: ********************
+</code>
+  - Copy keystore to persistent storage<code>
+$ docker cp elk-test-kibana:/usr/share/kibana/config/kibana.keystore /srv/elk-test/kibana/config/
+</code>
+  - Adjust docker-compose.yml for bind mount of keystore file<code>
+services:
+  kibana:
+    volumes:
+      - ./kibana/config/kibana.keystore:/usr/share/kibana/config/kibana.keystore
+</code>
+  - Remove elasticsearch.username and elasticsearch.username from kibana.yml
+  - Restart kibana
 {{tag>kb elasticsearch}}