I have an AWS OpenSearch in a VPC network. I am using an Nginx reverse proxy to access OpenSearch Dashboard (Kibana). My current setup is working fine.

I tried to set up SAML Okta authentication but I am getting the following error:

"statusCode":500,"error":"Internal Server Error","message":"Internal Error"

I am using the following configuration in Okta:

SSO URL: https://PROXY-URL/_plugin/kibana/_opendistro/_security/saml/acs

When attempting to access OpenSearch via the proxy URL, users are redirected to the Okta authentication page as expected. After entering the authentication code, the redirect URL points to

**https://PROXY-URL/_plugin/kibana/_opendistro/_security/saml/acs**

However, instead of successfully accessing OpenSearch Kibana, I am encountering an Internal Server Error with the following message:

statusCode":500,"error":"Internal Server Error","message":"Internal Error"

My Nginx conf is the following:

    server {
        server_name my-proxy-domain.com;
        root /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location /_plugin/kibana {
            proxy_pass https://OpenSearch-Domain-xxxxxxxxxx.xxxxxxxEndpoint.com/_plugin/kibana;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto https;
            proxy_buffering off;
            proxy_ssl_verify off;
        }

        location / {
            return 403;
        }

        listen [::]:443 ssl ipv6only=on; # managed by Certbot
        listen 443 ssl; # managed by Certbot
        ssl_certificate /etc/letsencrypt/live/kxxxxxxxxxx.xxxxxxx..com/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/kxxxxxxxxxx.xxxxxxx.com/privkey.pem; # managed by Certbot
        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
    }

I have set up SAML Okta auth with the Nginx proxy. I created an EC2 Windows instance within the same VPC and it worked perfectly fine.
