Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/file/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
<img src="//i.stack.imgur.com/RUiNP.png" height="16" width="18" alt="" class="sponsor tag img">elasticsearch Kibana“中的错误;xpack=>;无法获取本地颁发者证书”;_<img Src="//i.stack.imgur.com/RUiNP.png" Height="16" Width="18" Alt="" Class="sponsor Tag Img">elasticsearch_Ssl_Kibana - Fatal编程技术网 elasticsearch Kibana“中的错误;xpack=>;无法获取本地颁发者证书”;,elasticsearch,ssl,kibana,elasticsearch,Ssl,Kibana" /> elasticsearch Kibana“中的错误;xpack=>;无法获取本地颁发者证书”;,elasticsearch,ssl,kibana,elasticsearch,Ssl,Kibana" />
Fatal编程技术网
  • elasticsearch/
  • elasticsearch Kibana“中的错误;xpack=>;无法获取本地颁发者证书”;

elasticsearch Kibana“中的错误;xpack=>;无法获取本地颁发者证书”;

ssl kibana

elasticsearch Kibana“中的错误;xpack=>;无法获取本地颁发者证书”;,elasticsearch,ssl,kibana,elasticsearch,Ssl,Kibana,我有一个带有ES和Kibana的单节点服务器。我把它们放在一个ELB后面,在一个域名下。 假设:-kibana.xyz.com和elasticsearch.xyz.com 我在elasticsearch中启用了http ssl,并将pem复制粘贴到kibana,但它不起作用。 在创建http ssl时,我键入了这两个域名来检查原因,但没有任何帮助将其留空或传递也没有区别 PFB elasticsearch.yml cluster.name: my-application node.name: e

我有一个带有ES和Kibana的单节点服务器。我把它们放在一个ELB后面,在一个域名下。 假设:-kibana.xyz.com和elasticsearch.xyz.com 我在elasticsearch中启用了http ssl,并将pem复制粘贴到kibana,但它不起作用。 在创建http ssl时,我键入了这两个域名来检查原因,但没有任何帮助将其留空或传递也没有区别 PFB elasticsearch.yml

cluster.name: my-application
node.name: elk-01
network.host: x.x.x.x
discovery.seed_hosts: ["elk-01"]
cluster.initial_master_nodes: ["elk-01"]
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
xpack.security.authc:
  anonymous:
    roles: kibana_system
    authz_exception: false
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: "/home/elasticsearch/log_services/elasticsearch-7.9.1/config/new_http.p12"
PFB基班纳yml

server.host: "0.0.0.0"
elasticsearch.hosts: ["https://test-elasticsearch.xyz.com"]
elasticsearch.username: "elastic"
elasticsearch.password: "xxxx"
xpack.security.enabled: true
xpack.reporting.encryptionKey: "5HLw1U6ot9tU490VivE1rR9ymirksJLM"
xpack.encryptedSavedObjects.encryptionKey: "5HLw1U6ot9tU490VivE1rR9ymirksJLM"
elasticsearch.ssl.certificateAuthorities: "/home/elasticsearch/log_services/kibana-7.9.1-linux-x86_64/config/elasticsearch-new-ca.pem"
logging.dest: /home/elasticsearch/log_services/kibana7/logs/kibana.log
为了实现这一点,我完全遵循了以下链接

https://techexpert.tips/elasticsearch/elasticsearch-enable-tls-https/
https://www.elastic.co/guide/en/elasticsearch/reference/7.9/configuring-tls.html#node-certificates
https://www.elastic.co/guide/en/kibana/7.9/configuring-tls.html
我确信传输证书是好的,因为没有tls实现,它在这个dev env和prod中也能很好地工作。 我正在使用7.9.1版本的elastic、kibana和agent

PFB错误日志

{"type":"log","@timestamp":"2020-09-19T22:53:55Z","tags":["error","elasticsearch","monitoring"],"pid":5047,"message":"Request error, retrying\nGET https://test-elasticsearch.xyz.com/_xpack => unable to get local issuer certificate"}
{"type":"log","@timestamp":"2020-09-19T22:55:00Z","tags":["warning","elasticsearch","data"],"pid":5047,"message":"Unable to revive connection: https://test-elasticsearch.xyz.com/"}
{"type":"log","@timestamp":"2020-09-19T22:55:00Z","tags":["warning","elasti