SSL / HTTPS for Kibana

#1

Hi,
Great job with OpenDistro. Congrats!

Now my question: Is there a way to get Kibana working in https without a reverse proxy? I’m not founding a clear documentation for this.

thanks
Sergio

#2

Hi @sergio
Yes, there is a way to setup kibana server to listen on https.

To configure your kibana to work on HTTPS, you need to add path of certificate and key into kibana.yml.

server.ssl.cert:  path/to/certificate
server.ssl.key:  path/to/key

If you are using docker, follow below steps to configure your kibana to listen on HTTPS.

  1. Create certificate (e.g., test.cert) and key file (e.g., test.key) at same location as of your docker-compose.yml file
  2. Update ‘kibana’ section of your docker compose file to configure environment variable and override volumes to configure SSL cert and key.
    Sample:
kibana:
    image: amazon/opendistro-for-elasticsearch-kibana:0.7.0
    container_name: odfe-kibana
    ports:   
      - 5601:5601
    expose: 
      - "5601" 
    environment:
      ELASTICSEARCH_URL: https://odfe-node1:9200
      SERVER_SSL_CERT: /usr/share/kibana/config/test.cert
      SERVER_SSL_KEY: /usr/share/kibana/config/test.key
    networks:
      - odfe-net
    volumes:
        - ./test.cert:/usr/share/kibana/config/test.cert
        - ./test.key:/usr/share/kibana/config/test.key
  1. docker-compose down ( optionally use -v option to delete all data volumes)
  2. docker-compose up
#3

Thanks a lot Hardik!

#4

Hi guys, do you know how to redirect 80 port to 443 from kibana.yml configuration file?, many thanks