TLS problems between kibana and ES

have setup an OPendistro elasticsearch cluster and Opendistro kibana with the demo certificates but got problems when trying to access “security->Authentication & Authorization” in Kibana. I do this as the admin user.

When accessing “Authentication & Authorization” in Kibana i get logged out and in the elasticsearch logs I find these logs. I can’t see authentication backends and not permission and roles.

[2019-06-17T10:42:07,713][WARN ][c.a.o.s.d.r.a.RestApiPrivilegesEvaluator] [log-es-01] No client TLS certificate found in request
[2019-06-17T10:42:07,773][ERROR][c.a.o.s.d.r.a.OpenDistroSecurityConfigAction] [log-es-01] No permission to access REST API: Role based access not enabled… No client TLS certificate found in request

What configuration am I missing? I assume that the “No client TLS…” is for the communication between kibana/ES however I use https here.

Resolved by
opendistro_security.restapi.roles_enabled: [“all_access”, “security_rest_api_access”]

1 Like