Kibana Can't Connect to Elasticsearch - "connect ECONNREFUSED x.x.x.x:9200"

Question

I've been troubleshooting a Kibana issue for a several hours now and I'm at a dead end.

Kibana is not running. When I go to start Kibana, it looks like it does, if I systemctl status kibana it will say running for a few seconds but then if I run it again, it says failed.

I will include my config files below, for reference.

kibana.yml

server.port: 5601

server.host: "0.0.0.0"

elasticsearch.hosts: ["https://0.0.0.0:9200"]

logging:
  appenders:
    file:
      type: file
      fileName: /var/log/kibana/kibana.log
      layout:
        type: json
  root:
    appenders:
      - default
      - file

pid.file: /run/kibana/kibana.pid

xpack.encryptedSavedObjects.encryptionKey: mykey
xpack.reporting.encryptionKey: mykey
xpack.security.encryptionKey: mykey

elasticsearch.hosts: ['https://192.168.253.6:9200']
elasticsearch.serviceAccountToken: mytoken
elasticsearch.ssl.certificateAuthorities: [/var/lib/kibana/ca_1680987510447.crt]
xpack.fleet.outputs: [{id: fleet-default-output, name: default, is_default: true, is_default_monitoring: true, type: elasticsearch, hosts: ['https://192.168.253.6:9200'], ca_trusted_fingerprint: ec46451962624a>

server.ssl.enabled: true
server.ssl.certificate: /etc/kibana/kibana-server.crt
server.ssl.key: /etc/kibana/kibana-server.key
server.publicBaseUrl: "https://192.168.253.6:5601"

---

elasticsearch.yml

path.data: /var/lib/elasticsearch

path.logs: /var/log/elasticsearch

network.host: 0.0.0.0

xpack.security.enabled: true

xpack.security.enrollment.enabled: true

xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12

xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
#cluster.initial_master_nodes: ["kali-purple.localdomain"]

http.host: 0.0.0.0

discovery.type: single-node

---

metricbeat.yml

metricbeat.config.modules:
  path: ${path.config}/modules.d/*.yml

  reload.enabled: false

setup.template.settings:
  index.number_of_shards: 1
  index.codec: best_compression

setup.kibana:
  host: "https://192.168.253.6"
  setup.kibana.ssl.enabled: true
  ssl.certificate_authorities: ["/etc/kibana/kibana-server_ca.crt"]
  setup.kibana.ssl.certificate: "/etc/kibana/kibana-server.crt"
  setup.kibana.ssl.key: "/etc/kibana/kibana-server.key"

  output.elasticsearch:
  # Array of hosts to connect to.
  hosts: ["https://192.168.253.6"]
  username: "elastic"
  password: "mypass"
  ssl.ca_trusted_fingerprint: myfingerprint

  processors:
  - add_host_metadata: ~
  - add_cloud_metadata: ~
  - add_docker_metadata: ~
  - add_kubernetes_metadata: ~

---

/etc/hosts

/etc/hosts 

127.0.0.1       localhost
192.168.253.6   kali-purple.localdomain kali-purple

# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

---

rough tail output of kibana.log

"X-Pack Monitoring Cluster Alerts will not be available: connect ECONNREFUSED 192.168.253.6:9200"
"Kibana is now unavailable (was critical)"
"Starting monitoring stats collection"
"Kibana is now available (was unavailable)"
"Fleet Usage: {\"agents_enabled\":true,\"agents\":{\"total_enrolled\":1,\"healthy\...
"Stopping all plugins."
"Monitoring stats collection is stopped",
"Unable to retrieve version information from Elasticsearch nodes. connect ECONNREFUSED 192.168.253.6:9200"
"error writing bulk events: \"connect ECONNREFUSED 192.168.253.6:9200\"

---

I can include any additionally needed info; I thought this was the most pertinent for now. Would really appreciate any insight or pointers.