I am working to setup a Logstash and Beats (file and winlog). I have everything working for a self-signed certificate on LogStash and Beats , but if I try to create a CA signed Certificate I keep getting on the
ERR SSL client failed to connect with: x509: certificate is valid for RootCA not servername
I have copied the signed CRT and Key file to the Beats client but keep getting the same error. if I swap back to the Self-Signed cert works with no issues (logstash and beats)
I created dedicated CSR which was signed and the certificate is valid. This is the openssl command used to create the CSR.
openssl req -new -key /etc/pki/tls/private/private.key -out /etc/pki/tls/certs/server.csr -subj '/C=UK/ST=State/L=Location/O=Company/CN=server2.fqdn.com/emailAddressemail@example.com/subjectAltName=DNS.1=server1.fqdn.com,DNS.2=server3.fqdn.com,DNS.3=server4.fqdn.com'
I have included multiple SAN's as potentially there will be multiple logstash servers that the environment could c
Any help is appreciated