Empty response when accessing kibana via https

Question

I've been following this guide to setup opendistro for elasticsearch on AWS EKS. Currently, My elasticsearch pods work when querying from our VPC. Kibana has an interfacing load balancer, and works fine when I have server.ssl.enabled: false but I would like ssl. Whenever I try to access kibana via a browser or with curl, I get an err_empty_response error. Also, This error is generated each time in the kubectl logs for the kibana pod.

{"type":"error","@timestamp":"2020-08-25T20:37:01Z","tags":["connection","client","error"],"pid":1,"level":"error","error":{"message":"140092549867392:error:1408F09C:SSL routines:ssl3_get_record:http request:../deps/openssl/openssl/ssl/record/ssl3_record.c:242:\n","name":"Error","stack":"Error: 140092549867392:error:1408F09C:SSL routines:ssl3_get_record:http request:../deps/openssl/openssl/ssl/record/ssl3_record.c:242:\n"},"message":"140092549867392:error:1408F09C:SSL routines:ssl3_get_record:http request:../deps/openssl/openssl/ssl/record/ssl3_record.c:242:\n"}

Things I've tried that yielded the same result:

• Regenerating the certs for kibana.
• Used an Amazon Issued ACM cert that should match the domain
• Uploaded the kibana server cert to AWS ACM for internet facing load balancer. It's the same cert issued to the kibana server's server.ssl.certificate key
• Looked into ssl3_record.c but the file doesn't exist on any of my pods/nodes

.Can't seem to find any info on this error other than something is wrong with my certs. Looking for tips on debugging SSL certs with this sort of setup.

Answer 1

I ended up turning server.ssl.enabled: false, as I realized I'm handling ssl on Ingress with my load balancer. It works, but I'm still not exactly sure of the issue. I think it had something to do with the load balancer certificate conflicting with the server certificate for kibana.