Incorrect ssl redirect

[panda01]

If you try and access kibana from outside of localhost with ssl enabled, say from a virtualBox, it'll try to redirect you to localhost, which results in an error.

To get around this error run kibana with the --no-ssl flag

[panda01]

[lifeofguenter]

I am having a similar issue. The problem lies here:

• kibana/src/server/http/setup_connection.js

  Line 54 in 6025200

  reply.redirect(formatUrl({

• kibana/src/server/http/setup_connection.js

  Line 11 in 6025200

  const host = config.get('server.host');

E.g. if I set kibana to "bind" to 0.0.0.0 it will redirect me to https://0.0.0.0:5061, the redirect mechanism should not use that config directive, but instead redirect according to the HTTP_HOST value that is being sent by the client (which would either be the IP, or if you are using nginx as reverse proxy setup with a hostname, the hostname) - thus doing a "correcter" redirect.

[thomasneirynck]

The server.host setting needs to be set to a non-loopback address. So generally, you would use a public facing IP or DNS for that. This then would also have to match the SSL-cert. So for VM deployments, usually some sort of DNS resolution can be set up to handle this case.

[averrips]

I'm running into this using a Docker deployment at the moment. By adding an extra Docker host (data.example.com to 0.0.0.0) I can set server.host to data.example.com. However, the port is still added to the end of the redirect url. http://data.example.com is now redirecting me to https://data.example.com:5601 instead of https://data.example.com/.

What would be the disadvantage of a redirect to the same HTTP_HOST, instead of using server.host? This seems to be the most simple solution to me, but maybe I'm missing something.

[samling]

I'm also running into this issue using a Docker deployment. I get redirected to https://0.0.0.0:5601 when enabling SSL and binding to 0.0.0.0. Has anyone found a workaround or fix for this yet?

[thomasriley]

Would be helpful if Kibana used server.name as the host to redirect on, unless it could simply look at the request headers and redirect to the correct host set here.

If you run any sort of load balancer in front of Kibana, such as an AWS ELB, you can't set the host that Kibana will be available at in server.host since Kibana binds to the value set here.

[c4milo]

bind address and server.host address should be 2 parameters not 1, that's why this issue is happening. We cannot bind to 0.0.0.0 because it will trigger a redirect to 0.0.0.0 🤷‍♂️

[c4milo]

If Kibana exposes address and uri from Hapi server.options. We should be able to use Kibana in an enterprise environment without doing weird hacks.

https://github.com/hapijs/hapi/blob/master/API.md#server.options