Beats output to logstash using SSL and Cert Errors

I am testing SSL from 7.x Beats clients to logstash. Logstash is configured for a wildcard cert to my domain, call it * Connection works fine if Beats is configured to use a FQDN entry in the output, like But I have remote locations where I can't control DNS, so I currently use just IP's for the Beats output to logstash. The Beats output is thus like:
hosts: ["", ""]
ssl.enabled: true
verification_mode: none
client_authentication: none

This fails for the logger but not the FQDN host. This is the beats log: x509: cannot validate certificate for because it doesn't contain any IP SANs.
This is tcpdump from logstash][main][[local:, remote:] Handling exception: io.netty.handler.codec.DecoderException: Received fatal alert: bad_certificate (caused by: Received fatal alert: bad_certificate)

Per the description at Configure SSL | Winlogbeat Reference [7.17] | Elastic,
verification_mode: none
SHOULD allow this to work but it definitely is not. Of course, Elastic provides no examples so I can't tell if there might be a syntax issue or what.

Can anyone tell me if this SHOULD work and/or if there is a fix for it?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.