Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
OpenSearch and Dashboard version: 2.18.0 on Linux, installed via tarball.
Describe the issue:
Hi,
This is my first topic here, so apologies for my ignorance. 
I have a fully working OpenSearch 2.18.0 cluster with TLS configured enabled using my own PKI.
I also configured Dashboard (2.18.0) according to Configure TLS - OpenSearch Documentation and it is working together fine but I experienced one strange issue.
When I add opensearch_security.cookie.secure: true - as the same page linked above suggests - to the opensearch_dashboards.yml and restart Dashboard, it will fail at startup (the process will exit) and I can see this error in the dashboard log:
FATAL Error: Unknown configuration key(s): "opensearch_security.cookie.secure". Check for spelling errors and ensure that expected plugins are installed.
If I remove opensearch_security.cookie.secure: true from opensearch_dashboards.yml and restart Dashboard, everything works fine with TLS enabled without any problem.
I tried multiple times - this behavior is always reproducible.
Any ideas what am I missing / doing wrong?
Configuration:
Note: I removed some details using asterisks.
opensearch_dashboards.yml
server.port: 5601
opensearch.requestHeadersWhitelist: [authorization, securitytenant]
path.data: /var/lib/opensearch/dashboard
server.ssl.enabled: true
server.ssl.certificate: ***.pem
server.ssl.key: ***.pem
opensearch.ssl.verificationMode: full
opensearch.ssl.certificateAuthorities: [ ***_cacerts.pem ]
opensearch.username: "kibanaserver"
opensearch.password: "kibanaserver"
opensearch_security.cookie.secure: true
server.host: "my-host"
opensearch.hosts: [https://my-host:9200]
opensearch.yml
network.host: [ _site_, _local_]
http.port: 9200
transport.port: 9300
node.roles: [ master ]
discovery.seed_providers: file
plugins:
security:
ssl:
transport:
pemcert_filepath: ***_cert.pem
pemkey_filepath: ***_key.pem
pemtrustedcas_filepath: ***_cacerts.pem
enforce_hostname_verification: false
http:
enabled: true
pemcert_filepath: ***_chain.pem
pemkey_filepath: ***_key.pem
pemtrustedcas_filepath: ***_cacerts.pem
allow_unsafe_democertificates: false
allow_default_init_securityindex: true
authcz:
admin_dn:
- "CN=my-host"
nodes_dn:
- "CN=my-host,ST=*,C=*"
audit.type: internal_opensearch
enable_snapshot_restore_privilege: true
check_snapshot_restore_write_privileges: true
restapi:
roles_enabled: ["all_access", "security_rest_api_access"]
system_indices:
enabled: true
indices:
[
".opendistro-alerting-config",
".opendistro-alerting-alert*",
".opendistro-anomaly-results*",
".opendistro-anomaly-detector*",
".opendistro-anomaly-checkpoints",
".opendistro-anomaly-detection-state",
".opendistro-reports-*",
".opendistro-notifications-*",
".opendistro-notebooks",
".opendistro-asynchronous-search-response*",
]
cluster.initial_master_nodes: [ my-host ]
path.logs: /var/log/opensearch/master
path.data: /var/lib/opensearch/master
Relevant Logs or Screenshots:
FATAL Error: Unknown configuration key(s): "opensearch_security.cookie.secure". Check for spelling errors and ensure that expected plugins are installed.
...
{"type":"log","@timestamp":"2025-04-17T08:54:02Z","tags":["fatal","root"],"pid":2119422,"message":"InvalidConfigurationError: Unknown configuration key(s): \"opensearch_security.cookie.secure\". Check for spelling errors and ensure that expected plugins are installed.\n at ensureValidConfiguration (/opt/***/Dashboard/src/core/server/legacy/config/ensure_valid_configuration.js:50:11)\n at Server.setup (/opt/***/Dashboard/src/core/server/server.js:163:5)\n at Root.setup (/opt/***/Dashboard/src/core/server/root/index.js:60:14)\n at bootstrap (/opt/***/Dashboard/src/core/server/bootstrap.js:113:5)\n at Command.<anonymous> (/opt/***/Dashboard/src/cli/serve/serve.js:192:5) {\n code: 'InvalidConfig',\n processExitCode: 64,\n cause: undefined\n}"}