AviralSri asked:
My Linux distro : Red Hat Enterprise Linux Server release 7.2 (Maipo)
Configuring ssl on this software
Kibana-4.3.0-linux-x64
I am trying to configure ssl on kibana.
The steps I followed:
-
Generated private key
openssl genrsa -out privatekey.key 2048The above command created a file names
privatekey.key. -
Genrated CSR
openssl req -new -key privatekey.key -out linux.csrEntered the details this csr asked. and then
linux.csrfile was created. -
I submitted this linux.csr to my organization and I was issued a certificate certnew.cer
The certificate contents were like:-----BEGIN CERTIFICATE----- -----END CERTIFICATE----- -
Now
kibana-4.3.0-linux-x64folder was present on home path of linux machine
I made the following changes tokibana.ymlfilessl.server..cert : /home/.../certnew.cer ssl.server.key : /home/.../privatekey.key -
Now, I start kibana and get the following log:-
In the log it says:log [17:49:38.853] [info][status][plugin:kibana] Status changed from uninitialized to green - Ready log [17:49:38.925] [info][status][plugin:elasticsearch] Status changed from uninitialized to yellow - Waiting for Elasticsearch log [17:49:38.965] [info][status][plugin:kbn_vislib_vis_types] Status changed from uninitialized to green - Ready log [17:49:38.977] [info][status][plugin:markdown_vis] Status changed from uninitialized to green - Ready log [17:49:38.994] [info][status][plugin:metric_vis] Status changed from uninitialized to green - Ready log [17:49:39.002] [info][status][plugin:spyModes] Status changed from uninitialized to green - Ready log [17:49:39.009] [info][status][plugin:elasticsearch] Status changed from yellow to green - Kibana index ready log [17:49:39.013] [info][status][plugin:statusPage] Status changed from uninitialized to green - Ready log [17:49:39.021] [info][status][plugin:table_vis] Status changed from uninitialized to green - Ready log [17:49:39.046] [info][listening] Server running at https://xx.xx.xx.xxx:8601
In the Browser when I try to open https://xx.xx.xx.xxx:8601. It runs but it is specified as Not secure and https is crossed in red colour.
Can anybody help me what steps I am missing ?
What I understand is that I need to add ssl certificate [certnew.cer] or maybe privatekey[privatekey.key] to linux trusted list which I suppose. Can anybody help me with that or point me to a link
My answer:
TLS certificates are issued for hostnames, not for IP addresses. Use the appropriate hostname in your URL.
View the full question and any other answers on Server Fault.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.