Unable to access opensearch dashboard post install - Getting ConnectionError in logs

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):

opensearch-dashboards/stable,now 2.17.0 amd64 [installed]
opensearch/stable,now 2.17.0 amd64 [installed]

Describe the issue:
Unable to access the opensearch dashboard URL
Getting an error on the browser OpenSearch Dashboards server is not ready yet

Configuration:

server:Ubuntu 20.04.6 LTS with 2TB mem and 50 Cpus. Trying to run single node cluster.Installed via APT.

root@logger:/var/log/opensearch-dashboards# cat /etc/opensearch-
dashboards/opensearch_dashboards.yml | grep -v “#” | grep -v ^$

server.port: 5601
server.host: "10.196.141.81"
opensearch.hosts: [https://192.100.141.81:9200]
opensearch.ssl.verificationMode: none
opensearch.username: admin
opensearch.password: Admin!123
opensearch.requestHeadersWhitelist: [authorization, securitytenant]
opensearch_security.multitenancy.enabled: true
opensearch_security.multitenancy.tenants.preferred: [Private, Global]
opensearch_security.readonly_mode.roles: [kibana_read_only]
opensearch_security.cookie.secure: false

root@logger:/var/log/opensearch-dashboards# cat /etc/opensearch/opensearch.yml | grep -v “#” | grep -v ^$

cluster.name: my-application
node.name: node-1
path.data: /var/lib/opensearch
path.logs: /var/log/opensearch
network.host: 0.0.0.0
discovery.type: single-node
plugins.security.ssl.transport.pemcert_filepath: esnode.pem
plugins.security.ssl.transport.pemkey_filepath: esnode-key.pem
plugins.security.ssl.transport.pemtrustedcas_filepath: root-ca.pem
plugins.security.ssl.transport.enforce_hostname_verification: false
plugins.security.ssl.http.enabled: true
plugins.security.ssl.http.pemcert_filepath: esnode.pem
plugins.security.ssl.http.pemkey_filepath: esnode-key.pem
plugins.security.ssl.http.pemtrustedcas_filepath: root-ca.pem
plugins.security.allow_unsafe_democertificates: true
plugins.security.allow_default_init_securityindex: true
plugins.security.authcz.admin_dn: ['CN=kirk,OU=client,O=client,L=test,C=de']
plugins.security.audit.type: internal_opensearch
plugins.security.enable_snapshot_restore_privilege: true
plugins.security.check_snapshot_restore_write_privileges: true
plugins.security.restapi.roles_enabled: [all_access, security_rest_api_access]
plugins.security.system_indices.enabled: true
plugins.security.system_indices.indices: [.plugins-ml-agent, .plugins-ml-config, .plugins-ml-connector,
  .plugins-ml-controller, .plugins-ml-model-group, .plugins-ml-model, .plugins-ml-task,
  .plugins-ml-conversation-meta, .plugins-ml-conversation-interactions, .plugins-ml-memory-meta,
  .plugins-ml-memory-message, .plugins-ml-stop-words, .opendistro-alerting-config,
  .opendistro-alerting-alert*, .opendistro-anomaly-results*, .opendistro-anomaly-detector*,
  .opendistro-anomaly-checkpoints, .opendistro-anomaly-detection-state, .opendistro-reports-*,
  .opensearch-notifications-*, .opensearch-notebooks, .opensearch-observability, .ql-datasources,
  .opendistro-asynchronous-search-response*, .replication-metadata-store, .opensearch-knn-models,
  .geospatial-ip2geo-data*, .plugins-flow-framework-config, .plugins-flow-framework-templates,
  .plugins-flow-framework-state]
node.max_local_storage_nodes: 3

Relevant Logs or Screenshots:

root@logger:~# curl -X GET https://localhost:9200 -u 'admin:Admin!123' --insecure --verbose
Note: Unnecessary use of -X or --request, GET is already inferred.
*   Trying ::1:9200...
* TCP_NODELAY set
* Connected to localhost (::1) port 9200 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* error:1408F10B:SSL routines:ssl3_get_record:wrong version number
* Closing connection 0
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
root@logger:~# 

Sep 27 16:02:58 logger opensearch-dashboards[2832587]: {"type":"log","@timestamp":"2024-09-27T10:32:58Z","tags":["error","opensearch","data"],"pid":2832587,"message":"[ConnectionError]: write EPROTO 00C83585A57F0000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:355:\n"}
Sep 27 16:03:00 logger opensearch-dashboards[2832587]: {"type":"log","@timestamp":"2024-09-27T10:33:00Z","tags":["error","opensearch","data"],"pid":2832587,"message":"[ConnectionError]: write EPROTO 00C83585A57F0000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:355:\n"}
Sep 27 16:03:03 logger opensearch-dashboards[2832587]: {"type":"log","@timestamp":"2024-09-27T10:33:03Z","tags":["error","opensearch","data"],"pid":2832587,"message":"[ConnectionError]: write EPROTO 00C83585A57F0000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:355:\n"}

@sathis How did you deploy your cluster?

Thanks for looking into this pablo.
I followed this steps provided in this link https://opensearch.org/docs/latest/install-and-configure/install-opensearch/debian/#install-opensearch-from-an-apt-repository

@sathis At this point I think this should work from the curl level.

curl http://localhost:9200

This procedure doesn’t mention security plugin init. You’ll need to run securityadmin.sh once the cluster is up and running.
Also for OpenSearch Dashboards the good practice is using kibanaserver user instead of admin. You shouldn’t expose admin’s passwords in any config file.
Password of kibanaserver user is kibanaserver.