After upgrading to logstash 7.14.1, I'm getting this error daily in the logstash-plain.log:
[ERROR][logstash.filters.geoip.databasemanager] certificate verify failed {:cause=>#<OpenSSL::SSL::SSLError: certificate verify failed>}
It doesn't appear to prevent the database update check, I get this error on both hosts where the database check succeeds and fails.
Thanks
I would be rather surprised, or indeed horrified, if it continued the download after a cert check failure.
In case you are not aware, if the download does not occur logstash will stop doing geoip lookups after 30 days, you will have to switch to a manual download. After 25 days I believe it starts warning that this deadline is upcoming.
Yea, I read where it will fail, but there is little info on debugging why it fails. I've turned up logging to "trace" for the next day's errors. BUT, other parts of ELK have options to skip cert verification, can't find any options or defaults for this plugin however.
Thanks
I have not checked the code, but I think it is the MaxMind client library that does the download.
I misread the database stats, you're correct, it is NOT updating after the certificate failure.
Well, with no changes on my end, it started working yesterday and still worked today.
It's almost like they changed the certificate on their end, but since I never found their URL, I don't know.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.