Establishing HTTPS from browser to Wazuh/Kibana

[Joseph C]

Hello Everyone,

I have completed an all-in-one deployment and am now seeking to secure web browser to kibana via ssl with a wildcard SSL certificate issued to me by our office.

Being a beginner in SSL, I have been looking around and been studying but still can't wrap my head around applying the office given certificates (which I have also converted into PEM format).

My current kibana.yml has the ff lines:

server.host: F.Q.D.N

elasticsearch.hosts: https://127.0.0.1:9200

server.port: 443

elasticsearch.ssl.verificationMode: certificate

elasticsearch.username: kibanaserver

elasticsearch.password: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

elasticsearch.requestHeadersWhitelist: ["securitytenant","Authorization"]

opendistro_security.multitenancy.enabled: true

opendistro_security.readonly_mode.roles: ["kibana_read_only"]

server.ssl.enabled: true

server.ssl.key: "/etc/kibana/certs/kibana-key.pem"

server.ssl.certificate: "/etc/kibana/certs/kibana.pem"

elasticsearch.ssl.certificateAuthorities: ["/etc/kibana/certs/root-ca.pem"]

server.defaultRoute: /app/wazuh?security_tenant=global

And with me are 4 cert types as described below(in crt and pem formats):

Root CA Certificate 

2x Intermediate CA Certificate

Wildcard Certificate

Somewhere, I think I am supposed to generate a private key and CSR with matching fqdn lookup as it we have the server's name registered in public DNS. From there I think I am supposed to modify the config like below:

server.ssl.key: "generated.key"

server.ssl.certificate: "wildcardcertificate.pem"

Seeing as I am a noob in SSL, am I getting this right???

Thanks for the time in reading this and I hope people in this forum are doing wonderful.

Thank you

[Joseph C]

Nevermind guys, I figured it out myself! My boss didn't give me the private for it to work  as a pair with my server certificate. I hope my post finds anyone helpful.

Cheers to this group,

Joseph