I have set up mutual auth for the connection between filebeat and logstash. However, I am getting some errors.
Here is my logstash config:
beats {
  port => 5044
  ssl => true
  ssl_certificate_authorities => ["/home/monitor/ca/rootCA.pem"]
  ssl_certificate => "/home/monitor/ca/davos.crt"
  ssl_key => "/home/monitor/ca/davos.key"
  ssl_verify_mode => "force_peer"
  # ssl_verify_mode => "none"
}
Filebeat config:
certificate_authorities: ["/etc/filebeat/rootCA.crt"]
# Certificate for TLS client authentication
certificate: "/etc/filebeat/client1.crt"
# Client Certificate Key
certificate_key: "/etc/filebeat/client1.key"
I am able to transfer the data and no errors come out, except when I try to validate the certificate of the client side, where I receive:
curl -v --cacert rootCA.pem https://myip:5044
[2018-02-14T22:00:48,635][INFO ][org.logstash.beats.BeatsHandler] [local: 0.0.0.0:5044, remote: publicip:18757] Exception: javax.net.ssl.SSLHandshakeException: error:100000c0:SSL routines:OPENSSL_internal:PEER_DID_NOT_RETURN_A_CERTIFICATE
Thanks for any help
A thought: is this error supposed to occur because with the curl I am not sending my client certificate?
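With `ssl_verify_mode => "force_peer"` the beats input requires a client certificate, and `PEER_DID_NOT_RETURN_A_CERTIFICATE` is what the TLS layer reports when a peer connects without presenting one, so the log line above can be used to list which peers do that. The following is an added example, not part of the original post; the sample log lines and addresses are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample lines in the format of the log line quoted in the post.
# Addresses are documentation-range placeholders, not values from the page.
SAMPLE_LOG = """\
[2018-02-14T22:00:48,635][INFO ][org.logstash.beats.BeatsHandler] [local: 0.0.0.0:5044, remote: 203.0.113.7:18757] Exception: javax.net.ssl.SSLHandshakeException: error:100000c0:SSL routines:OPENSSL_internal:PEER_DID_NOT_RETURN_A_CERTIFICATE
[2018-02-14T22:01:02,101][INFO ][org.logstash.beats.BeatsHandler] [local: 0.0.0.0:5044, remote: 203.0.113.7:18760] Exception: javax.net.ssl.SSLHandshakeException: error:100000c0:SSL routines:OPENSSL_internal:PEER_DID_NOT_RETURN_A_CERTIFICATE
[2018-02-14T22:01:30,412][INFO ][org.logstash.beats.BeatsHandler] [local: 0.0.0.0:5044, remote: 198.51.100.20:40112] Exception: Connection reset by peer
[2018-02-14T22:02:00,000][INFO ][logstash.pipeline] Pipeline started
"""

# [timestamp][LEVEL ][logger] [local: addr, remote: addr] Exception: text
LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\]\[(?P<level>[A-Z]+)\s*\]\[(?P<logger>[^\]]+)\]\s+"
    r"\[local: (?P<local>[^,]+), remote: (?P<remote>[^\]]+)\]\s+"
    r"Exception: (?P<exc>.*)$"
)
NO_CLIENT_CERT = "PEER_DID_NOT_RETURN_A_CERTIFICATE"


def parse_line(line):
    """Return a dict for a beats-handler exception line, or None otherwise."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    event = m.groupdict()
    # Drop the ephemeral source port so repeated attempts group by host.
    host, _, _port = event["remote"].rpartition(":")
    event["remote_host"] = host or event["remote"]
    event["no_client_cert"] = NO_CLIENT_CERT in event["exc"]
    return event


def peers_without_client_cert(log_text):
    """Count handshakes per remote host that failed for lack of a client cert."""
    counts = Counter()
    for line in log_text.splitlines():
        event = parse_line(line)
        if event and event["no_client_cert"]:
            counts[event["remote_host"]] += 1
    return dict(counts)


if __name__ == "__main__":
    for host, n in sorted(peers_without_client_cert(SAMPLE_LOG).items()):
        print(f"{host}: {n} handshake(s) without a client certificate")
```

Hosts that appear here but are meant to be Filebeat senders point to a missing or unreadable client certificate on that host; hosts that are not expected senders are connections the listener correctly refused.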