Hi, I want to create a self-signed certificate based on the IP of the logstash server, so my filebeat connection to logstash would be secure. I used the following command to generate the certificate:
```
openssl req -config /etc/ssl/openssl.cnf -x509 -days 3650 -batch -nodes -newkey rsa:2048 -keyout /etc/logstash/ssl/logstash-forwarder.key -out /etc/logstash/ssl/logstash-forwarder.crt
```
When I check the certificate from the filebeat client with:
```
curl -v --cacert /etc/filebeat/logstash-forwarder.crt https://142.245.169.21:5443
```
I get the following error:
```
* About to connect() to 142.245.169.21 port 5443 (#0)
* Trying 142.245.169.21... connected
* Connected to 142.245.169.21 (142.245.169.21) port 5443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/filebeat/logstash-forwarder.crt
  CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: O=Internet Widgits Pty Ltd,ST=Some-State,C=AU
* start date: Aug 27 03:11:47 2018 GMT
* expire date: Aug 24 03:11:47 2028 GMT
* common name: (nil)
* issuer: O=Internet Widgits Pty Ltd,ST=Some-State,C=AU
> GET / HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: 142.245.169.21:5443
> Accept: */*
>
* SSL read: errno -5961
* Closing connection #0
curl: (56) SSL read: errno -5961
```
And the filebeat log shows this error:
```
filebeat -c filebeat.yml -e -v
error: Failed to publish events: write tcp 192.168.0.190:47258->142.245.169.21:5443: write: connection reset by peer
```
I don't know how to create a valid self-signed certificate for the server such that logstash accepts it. Can someone please help me with that?
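
Added example, not part of the original post: one way to generate a self-signed certificate that names the server by IP address and to confirm that the address is actually in it. A TLS client that connects to an IP address compares it with the certificate's IP-type subjectAltName entries, and the certificate in the curl output above has neither a common name nor such an entry. The helper names and the file names `logstash.key`, `logstash.crt` and `openssl-ip.cnf` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). File names are assumptions.

# make_ip_cert <ip> <out_dir>
# Writes <out_dir>/logstash.key and <out_dir>/logstash.crt, self-signed,
# with the IP in the subject CN and in an IP-type subjectAltName entry.
make_ip_cert() {
    mic_ip="$1"; mic_out="$2"
    mkdir -p "$mic_out" || return 1
    cat > "$mic_out/openssl-ip.cnf" <<EOF
[req]
distinguished_name = dn
x509_extensions    = v3_ext
prompt             = no

[dn]
CN = $mic_ip

[v3_ext]
subjectAltName = IP:$mic_ip
EOF
    openssl req -config "$mic_out/openssl-ip.cnf" -x509 -days 3650 -nodes \
        -newkey rsa:2048 -keyout "$mic_out/logstash.key" \
        -out "$mic_out/logstash.crt" 2>/dev/null || return 1
    chmod 600 "$mic_out/logstash.key"   # private key readable by owner only
}

# cert_matches_ip <crt> <ip>
# Succeeds only when the certificate carries <ip> as an IP subjectAltName.
cert_matches_ip() {
    openssl x509 -in "$1" -noout -checkip "$2" 2>/dev/null \
        | grep -q "does match certificate"
}

# Command-line use: sh make-ip-cert.sh <ip> <out_dir>
if [ "$#" -eq 2 ]; then
    make_ip_cert "$1" "$2" && cert_matches_ip "$2/logstash.crt" "$1" \
        && echo "certificate in $2 is valid for IP $1"
fi
```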