Hi All,
I hope someone can help me with this because I am really out of my wits.
We have a working ELK server and a logstash forwarder that is sending logs to it, and they work perfectly fine. I am now installing a new ELK server with the latest version ( so that we can use shield ), and I am trying to make the forwarder send logs to the new server, in parallel to the working now.
I have a problem with the ssl certificate for the new server. I created the crt-key pair as explained in the ELK installation guide, while specifying the FQDN of my ELK server and copied the crt file to the logstash forwarder. However, when I try to run logstash-forwarder with a cofig file that points to the new server and specifies its crt file, I get a "certificate signed by unknown authority" error. curl to the server's host/port with the came certificate, also fails, saying that the certificate is self signed.
As mentioned above, connecting to the working ELK server with a certificate that was generated using the same process is working OK. I compared the certificates using opnsssl x509 and I see that both use FQDN and not IP.
I searched for similar cases and found all kind of stuff, but the bottom line seem to be that it should just work.
So can someone tell me what am I missing here?
Thanks
Oren