When using Logstash 8.3.x on Linux we can connect via SSL from a server with an IPv6 address.
When using Logstash 8.4.0 and higher, we get an error trying to establish a connection. By enabling duebggng in the JVM by adding the "-Djavax.net.debug=all" parameter, I could see the error details (below).
IN short, it appears SNI is throwing the error due to the name being an IP address. But why is SNI involved here? Is there a way to disable or enable it? This error did not occur in Logstash 8.3.x, and I cannot find a change note that seems to relate to this. Any help would be appreciated, as we are unable to update to a newer version of Logstash until we figure this out.
Thank in advance.
javax.net.ssl|ERROR|10 4F|http-input-processor[T#3]|2023-10-31 07:38:53.328 PDT|TransportContext.java:363|Fatal (ILLEGAL_PARAMETER): Illegal server name, type=host_name(0), name=fc00::1:192:168:0:159, value={666330303A3A313A3139323A3136383A303A313539} (
"throwable" : {
javax.net.ssl.SSLProtocolException: Illegal server name, type=host_name(0), name=fc00::1:192:168:0:159, value={666330303A3A313A3139323A3136383A303A313539}
Caused by: java.lang.IllegalArgumentException: The encoded server name value is invalid
at java.base/javax.net.ssl.SNIHostName.(SNIHostName.java:179)
at java.base/sun.security.ssl.ServerNameExtension$CHServerNamesSpec.(ServerNameExtension.java:131)
... 38 more
Caused by: java.lang.IllegalArgumentException: Contains non-LDH ASCII characters
at java.base/java.net.IDN.toASCIIInternal(IDN.java:297)
at java.base/java.net.IDN.toASCII(IDN.java:123)
at java.base/javax.net.ssl.SNIHostName.(SNIHostName.java:175)