Configuring both TLS 1.2 and TLS 1.3 in Logstash 8.8

Manal_A · November 2, 2023, 10:31am

In my Logstash8.8 syslog configuration file, I want to configure two TLS versions: TLS 1.2 and TLS 1.3, but it doesn't work. Can you provide the correct way to configure it? Should I create two separate inputs?

tcp {
id => tcp_cds_syslog_tls_6516
port => 6516
codec => plain {
charset => "US-ASCII"
}
ssl_enable => true
ssl_supported_protocols => "TLSv1.2"
ssl_key => "/data/logstash/certs/log_key.pem"
ssl_cert => "/data/logstash/certs/log_cert.pem"
#ssl_cipher_suites => ["TLS_AES_256_GCM_SHA384", "TLS_AES_128_GCM_SHA256", "TLS_CHACHA20_POLY1305_SHA256"]
ssl_certificate_authorities => ["/data/logstash/certs/log_ca.pem"]
ssl_verify => true
}

Thank you

leandrojmp · November 2, 2023, 12:37pm

What is not working? You didn't share any error log.

You shouldn't change anything, the default for the TCP input is to use TLS v1.2 and TLS v1.3 as you can check in the documentation.

Since you are not on the last version, I'm not sure if on version 8.8 it already uses that.

But to set it just use:

ssl_supported_protocols => ['TLSv1.2', 'TLSv1.3']

Also, are you using the bundled jdk or another jdk?

system · November 30, 2023, 12:38pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.