@davidg Thanks for the speedy response, I think this is what threw me, the disappearance of the basic authentication that existed in earlier releases. Hence the panel labelled "Credentials" now no longer applies (i.e, the username and password are meaningless). I should have realised this when I discovered I could talk directly to Elasticsearch on port 9200 without entering a username and password, but as it stands it's a little misleading to still show a Credentials panel.
Anyway, I followed the instructions in the link to add Apache to my virtual machine, closed access to port 9200 in the Google Console, opened port 80, and now everything works.
Thanks for your help!