Configure SSL for each Elastic node

elasticprof · March 21, 2018, 7:07pm

Hi,

I have 5 nodes and each node is having different ssl certificate, in such case how do configure ssl for each one of them

input {
	stdin {}
    beats {
        port => 5044
    }
}

#filter {
#
#}

output {
    elasticsearch{
        hosts => ["https://192.16.202.154:9200,https://192.16.202.153:9200,https://192.16.202.152:9200,,https://192.16.202.151:9200,https://192.16.202.150:9200"]
        user => "elastic"
        password => "changeme"
        index => "-%{[@metadata][beat]}-%{+YYYY.MM.dd}"
        ssl_certificate_verification => false
    }
	stdout { codec => rubydebug }
}

yaauie · March 22, 2018, 7:22am

Are the certificates signed by the same Certificate Authority ("CA")? If so, you can set the path to the CA cert per the usual documentation. If not, multiple pem can simply be concatenated together to form a "bundle" pem.

elasticprof · March 22, 2018, 8:02pm

yes @yaauie they are signed by same CA,

Curious can you please give an example if they are from different CA's

yaauie · March 23, 2018, 10:22am

To create a pem that holds multiple certificates, you can simply concatenate the pem files that hold individual certificates together (this is not unique to Logstash -- it's part of the PEM format):

cat a.pem b.pem c.pem > combined-abc.pem

elasticprof · March 23, 2018, 1:30pm

Ok i was thinking the concatenation happens in logstash config file, got you.

Thanks

system · April 20, 2018, 1:30pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.