Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
opensearchproject/opensearch:latest
opensearchproject/opensearch-dashboards:latest
Describe the issue:
Configured Opensearch Dashboards to use TLS. When navigating to https://0.0.0.0:5601 I’m presented with the following error
"Secure Connection Failed
An error occurred during a connection to 0.0.0.0:5601. SSL received a record that exceeded the maximum permissible length.
Error code: SSL_ERROR_RX_RECORD_TOO_LONG"
Configuration:
Opensearch-dashboards.yml
opensearch.hosts: ["https://localhost:9200"]
opensearch.ssl.verificationMode: certificate
opensearch.username: "kibanaserver"
opensearch.password: "kibanaserver"
opensearch.requestHeadersAllowlist: [ authorization,securitytenant ]
server.ssl.enabled: true
server.ssl.certificate: /usr/share/opensearch-dashboards/config/client1.pem
server.ssl.key: /usr/share/opensearch-dashboards/config/client1-key.pem
opensearch.ssl.certificateAuthorities: [ "/usr/share/opensearch-dashboards/config/root-ca.pem"]
opensearch_security.multitenancy.enabled: true
opensearch_security.multitenancy.tenants.preferred: ["Private", "Global"]
opensearch_security.readonly_mode.roles: ["kibana_read_only"]
opensearch_security.cookie.secure: true
Docker-compose.yml
opensearch-dashboards:
image: opensearchproject/opensearch-dashboards:latest
container_name: opensearch-dashboards
volumes:
- ./root-ca.pem:/usr/share/opensearch-dashboards/config/root-ca.pem
- ./client1.pem:/usr/share/opensearch-dashboards/config/client1.pem
- ./client1-key.pem:/usr/share/opensearch-dashboards/config/client1-key.pem
- ./opensearch-dashboards.yml:/usr/share/opensearch-dashboards/config/opensearch-dashboards.yml
ports:
- 5601:5601 # Map host port 5601 to container port 5601
expose:
- "5601" # Expose port 5601 for web access to OpenSearch Dashboards
environment:
- 'OPENSEARCH_HOSTS=["https://opensearch-node1:9200","https://opensearch-node2:9200"]'
- "DISABLE_SECURITY_DASHBOARDS_PLUGIN=false" # disables security dashboards plugin in OpenSearch Dashboards
networks:
- opensearch-net
Relevant Logs or Screenshots: