Creating certificates for filebeat


(Koen Vanoppen) #1

Dear all,

For logstashforwarder I had to create certificates containing the hostnames of the logstash servers.
Do I have to do this the same for filebeat? Or can I now once again create wildcards ssl-certs without the hostnames in it?
In other words, what is the correct way to create certs for filebeat to logstash servers?

Kind regards and thanks in advance!


(Steffen Siering) #2

TLS validation is provided by golang runtime system. As filebeat inherited loads of code from logstash-forwarder, it has similar requirements regarding certificates.

I would not consider not having any hostname in your certificate as secure. In this case you can try the insecure setting suppressing hostname checks. Or disable TLS altogether.

Are you using self-signed certificate or have you considered having root CAs already?


(Koen Vanoppen) #3

Well, I can do both... Can you give me an example to create these certifcates? I already started with creating them, (self signed), but I get an error... (transport.go:125: SSL client failed to connect with: EOF). So if you can give me an example to work with, that would be great :slight_smile: .

Thanks for the reply.


(Steffen Siering) #4

what's your logstash and filebeat config? Looks like connection was closed by logstash before even doing the SSL handshake. I assume logstash has printed an error about version something.

Have you set 'ssl => true' in logstash config?


(Koen Vanoppen) #5

You're the man. That was it... I forgot the ssl => true line... THANKS!!!!


(system) #6