Debug errors between filebeat and logstash

bm1391 · February 14, 2018, 10:03pm

I have set up mutual auth for the connection between filebeat and logstash. However, I am getting some errors .

Here is my logstash config:

  beats {
    port => 5044
    ssl => true
    ssl_certificate_authorities => ["/home/monitor/ca/rootCA.pem"]
    ssl_certificate => "/home/monitor/ca/davos.crt"
    ssl_key => "/home/monitor/ca/davos.key"
    ssl_verify_mode => "force_peer"
#    ssl_verify_mode => "none"
  }

Filebeat config:

  certificate_authorities: ["/etc/filebeat/rootCA.crt"]

  # Certificate for TLS client authentication
  certificate: "/etc/filebeat/client1.crt"

  # Client Certificate Key
  certificate_key: "/etc/filebeat/client1.key"

I am able to transfer the data and no errors come out except for when I try to validate the certificate of the client side I receive:

curl -v --cacert rootCA.pem https://myip:5044

[2018-02-14T22:00:48,635][INFO ][org.logstash.beats.BeatsHandler] [local: 0.0.0.0:5044, remote: publicip:18757] Exception: javax.net.ssl.SSLHandshakeException: error:100000c0:SSL routines:OPENSSL_internal:PEER_DID_NOT_RETURN_A_CERTIFICATE

Thanks for any help

A thought: is this error supposed to occur because with the curl I am not sending my client certificate?

system · March 14, 2018, 10:03pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filebeat to Logstash connection fails Beats filebeat	6	3160	April 11, 2017
Filebeat cannot connect to Logstash using ssl. curl: (35) TCP connection reset by peer Beats filebeat	3	1650	January 14, 2020
SSL with Filebeat not working Logstash	2	7716	May 16, 2018
Filebeat encryption error Beats filebeat	5	2093	August 27, 2020
Cannot receive logs from Filebeat in Logstash, SSL Problem Logstash elastic-stack-security	3	548	August 14, 2020

Debug errors between filebeat and logstash

Related Topics