Hi,
When i want to validate the logstash server certificate with this command :
curl -v --cacert /etc/logstash/config/certs/logstash.crt https://logstash.ad-it.fr:5044
Rebuilt URL to: https://192.168.1.30:5044/
* Trying 192.168.1.30...
* TCP_NODELAY set
* connect to 192.168.1.30 port 5044 failed: Connection refused
* Failed to connect to 192.168.1.30 port 5044: Connection refused
* Closing connection 0
curl: (7) Failed to connect to 192.168.1.30 port 5044: Connection refused
Best regards,
/etc/logstash/conf.d/example.yml
input {
beats {
port => 5044
ssl => true
ssl_certificate_authorities => ["/etc/logstash/config/certs/ca.crt"]
ssl_key => "/etc/logstash/config/certs/logstash.pkcs8.key"
ssl_certificate => "/etc/logstash/config/certs/logstash.crt"
ssl_verify_mode => "peer"
}
}
output {
elasticsearch {
hosts => ["https://node1.ad-it.fr:9200","https://node2.ad-it.fr:9200","https://node3.ad-it.fr:9200"]
ssl => true
cacert => '/etc/logstash/config/certs/ca.crt'
user => 'logstash_writer'
password => 'changeme'
index => 'logstash-%{+YYYY.MM.dd}'
}
}
filebeat.yml
#----------------------------- Logstash output --------------------------------
#output.logstash:
# The Logstash hosts
hosts: ["192.168.1.30:5044"]
# Optional SSL. By default is off.
# List of root certificates for HTTPS server verifications
ssl.certificate_authorities: ["/etc/filebeat/config/certs/ca.crt"]
# Certificate for SSL client authentication
ssl.certificate: "/etc/logstash/config/certs/logstash.crt"
# Client Certificate Key
ssl.key: "/etc/logstash/config/certs/logstash.pkcs8.key"