honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[DOCS] Modify SSL settings in Kibana security 

Original commit: elastic/x-pack-elasticsearch@927c3c9ed6
This commit is contained in:
lcawley 2017-07-25 17:14:24 -07:00
parent 14c88ca15f
commit 29bb00a7ca
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/en/security/tribe-clients-integrations/kibana.asciidoc
View File

@ -88,12 +88,12 @@ server:
`subjectAltName` to the hostname, fully-qualified domain name (FQDN), or IP `subjectAltName` to the hostname, fully-qualified domain name (FQDN), or IP
address of the Kibana server, or set the CN to the Kibana server's hostname address of the Kibana server, or set the CN to the Kibana server's hostname
or FQDN. Using the server's IP address as the CN does not work. or FQDN. Using the server's IP address as the CN does not work.
.. Set the `server.ssl.key` and `server.ssl.cert` properties in `kibana.yml`: .. Set the `server.ssl.key` and `server.ssl.certificate` properties in `kibana.yml`:
+ +
[source,yaml] [source,yaml]
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
server.ssl.key: /path/to/your/server.key server.ssl.key: /path/to/your/server.key
server.ssl.cert: /path/to/your/server.crt server.ssl.certificate: /path/to/your/server.crt
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
+ +
Once you enable SSL encryption between the browser and the Kibana server, Once you enable SSL encryption between the browser and the Kibana server,
@ -117,12 +117,12 @@ elasticsearch.url: "https://<your_elasticsearch_host>.com:9200"
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
.. If you are using your own CA to sign certificates for Elasticsearch, set the .. If you are using your own CA to sign certificates for Elasticsearch, set the
`elasticsearch.ssl.ca` setting in `kibana.yml` to specify the location of the PEM `elasticsearch.ssl.certificateAuthorities` setting in `kibana.yml` to specify
file. the location of the PEM file.
+ +
[source,yaml] [source,yaml]
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
elasticsearch.ssl.ca: /path/to/your/cacert.pem elasticsearch.ssl.certificateAuthorities: /path/to/your/cacert.pem
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
. Install {xpack} into Kibana to secure user sessions and enable users . Install {xpack} into Kibana to secure user sessions and enable users
@ -190,7 +190,7 @@ Kibana server.
| `xpack.security.sessionTimeout` | `1800000` (30 minutes) | Sets the session duration (in milliseconds). | `xpack.security.sessionTimeout` | `1800000` (30 minutes) | Sets the session duration (in milliseconds).
| `xpack.security.cookieName` | `"sid"` | Sets the name of the cookie used for the session. | `xpack.security.cookieName` | `"sid"` | Sets the name of the cookie used for the session.
| `xpack.security.secureCookies` | `false` | Sets the `secure` flag of the session cookie. Is set | `xpack.security.secureCookies` | `false` | Sets the `secure` flag of the session cookie. Is set
to `true` if `server.ssl.cert` and `server.ssl.key` to `true` if `server.ssl.certificate` and `server.ssl.key`
are set. Set this to `true` if SSL is configured are set. Set this to `true` if SSL is configured
outside of Kibana (for example, you are routing outside of Kibana (for example, you are routing
requests through a load balancer or proxy). requests through a load balancer or proxy).