The doc (https://www.elastic.co/guide/en/beats/filebeat/5.0/configuring-ssl-logstash.html )did not say which way to create these keys/certificates, I tried to create with openssl two-way SSL but does not work, error is:
[2016-12-07T14:25:01,198][ERROR][logstash.inputs.beats ] Looks like you either have an invalid key or your private key was not in PKCS8 format. {:exception=>java.lang.IllegalArgumentException: File does not contain valid private key: /etc/logstash/logstash.key}
output.logstash:
hosts: ["logs.mycompany.com:5044"]
ssl.certificate_authorities: ["/etc/ca.crt"]
ssl.certificate: "/etc/client.crt"
ssl.key: "/etc/client.key"
input {
beats {
port => 5044
ssl => true
ssl_certificate_authorities => ["/etc/ca.crt"]
ssl_certificate => "/etc/server.crt"
ssl_key => "/etc/server.key"
ssl_verify_mode => "force_peer"
}
}
Please give me a full list of commands or a guide which works.