CA Signed Certificate Not Working

Hey there,

I am working to set up Logstash and Beats (file and winlog). I have everything working for a self-signed certificate on Logstash and Beats, but if I try to create a CA signed certificate I keep getting on the
ERR SSL client failed to connect with: x509: certificate is valid for RootCA not servername
I have copied the signed CRT and key file to the Beats client but keep getting the same error. If I swap back to the self-signed cert, it works with no issues (Logstash and Beats).

I created dedicated CSR which was signed and the certificate is valid. This is the openssl command used to create the CSR.
openssl req -new -key /etc/pki/tls/private/private.key -out /etc/pki/tls/certs/server.csr -subj '/C=UK/ST=State/L=Location/O=Company/CN=server2.fqdn.com/emailAddress=mail@mail.com/subjectAltName=DNS.1=server1.fqdn.com,DNS.2=server3.fqdn.com,DNS.3=server4.fqdn.com'

I have included multiple SANs as potentially there will be multiple Logstash servers that the environment could connect to.

Any help is appreciated

You may want to move to filebeats, LSF is deprecated and will become unsupported at some point in the future.

I am already using filebeats and not LSF. I have exactly the same issue with Winlogbeats.

I am only using LogStash on the ELK stack servers.

So this is a beats question, as you have posted it in the LSF area, hence my comment.

Sorry, it is more a Logstash <-> Beats connection issue. I have updated accordingly.

This is how I got it to work. I put both the CA cert that signed my logstash cert and the logstash cert into the filebeat.yml like so:

certificate_authorities: ["ca.cert", "logstash.cert" ]

Then my filebeat is able to validate my logstash server via its signed cert. My logstash input only has its cert and key.

Currently trying to upgrade to the latest filebeat/logstash/ES so I can do the client cert to further lock down my logstash. Got to get the latest version blessed by the powers-that-be before I can use it.
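
Added example (not from any poster in this thread): a shell script that builds a throwaway CA and a CA-signed server certificate with the SANs carried in an extension section, then checks that a given host name appears as a SAN and that the certificate chains to the CA, as with the CSR in the opening post and the CA file in the last reply. The example.test host names, file names and helper functions are constructed for illustration, and an installed openssl is assumed.

```shell
#!/bin/sh
# Added example: every name, path and the CA below are constructed test values.
set -eu

# Create a throwaway CA plus a CA-signed server certificate in directory $1.
# $2 is a comma-separated list of DNS names; the first one is also the CN.
make_signed_cert() {
  d=$1; cn=${2%%,*}
  san=$(printf 'DNS:%s' "$2" | sed 's/,/,DNS:/g')
  # SANs go in an extension section of the request config.
  cat > "$d/req.cnf" <<EOF
[req]
distinguished_name = dn
prompt = no
req_extensions = ext
[dn]
CN = $cn
[ext]
subjectAltName = $san
[ca_ext]
basicConstraints = critical,CA:TRUE
EOF
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$d/req.cnf" \
    -extensions ca_ext -subj '/CN=Example Test CA' \
    -keyout "$d/ca.key" -out "$d/ca.crt" 2>/dev/null
  openssl req -new -newkey rsa:2048 -nodes -config "$d/req.cnf" \
    -keyout "$d/server.key" -out "$d/server.csr" 2>/dev/null
  # "x509 -req" does not copy CSR extensions by default, so the signer re-supplies them.
  openssl x509 -req -in "$d/server.csr" -CA "$d/ca.crt" -CAkey "$d/ca.key" \
    -CAcreateserial -days 1 -extfile "$d/req.cnf" -extensions ext \
    -out "$d/server.crt" 2>/dev/null
}

# True only if certificate $1 lists DNS name $2 in its subjectAltName extension.
cert_has_san() {
  openssl x509 -in "$1" -noout -text | grep -A1 'Subject Alternative Name' |
    tr -d ' ' | tr ',' '\n' | grep -qxF "DNS:$2"
}

# True only if certificate $1 verifies against the CA file $2.
cert_chains_to() { openssl verify -CAfile "$2" "$1" >/dev/null 2>&1; }

demo=$(mktemp -d)
make_signed_cert "$demo" server2.example.test,server1.example.test
openssl x509 -in "$demo/server.crt" -noout -subject -issuer
cert_has_san "$demo/server.crt" server1.example.test && echo "SAN ok"
cert_chains_to "$demo/server.crt" "$demo/ca.crt" && echo "chain ok"
```

Running the same two checks against the certificate and CA file actually deployed shows which names the server certificate carries and whether the client's CA file can validate it.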