Curl ssl error to elasticsearch server via filebeat

This is my filebeat output test :

filebeat test output

elasticsearch: https://172.10.110.29:9200...
  parse url... OK
  connection...
    parse host... OK
    dns lookup... OK
    addresses: 172.10.110.29
    dial up... OK
  TLS...
    security: server's certificate chain verification is enabled
    handshake... OK
    TLS version: TLSv1.3
    dial up... OK
  talk to server... OK
  version: 8.10.4

but when I curl from filebeat to elasticsearch it is showing SSL error :

curl -v -XGET "https://172.10.110.29:9200" -u elastic --cacert /etc/filebeat/certs/http_ca.crt
Enter host password for user 'elastic':
* About to connect() to 172.10.110.29 port 9200 (#0)
*   Trying 172.10.110.29... connected
* Connected to 172.10.110.29 (172.10.110.29) port 9200 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/filebeat/certs/http_ca.crt
  CApath: none
* NSS error -12190
* Closing connection #0
* SSL connect error
curl: (35) SSL connect error

That may be no read permission on the file for the user running curl

NSS error -12190 is due to a TLS version mismatch.

At a guess, your ES node is configured to only support modern TLS versions, but your version of curl is quite old and isn't compatible with those versions.

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.