we are looking to use the Elastic Serverless Forwarder for AWS, sending to logstash.
We've got the initial setup and working, and are wondering if there is support for ssl authentication when sending data to logstash. Our need is to have ssl authentication, and if it is not supported for ESF, what would be the most common approach ot meet this need?
Hi @stabbotco1. Disclaimer: I have not done this myself, but it looks like it may be possible. The config file for ESF has this optional setting:
args.ssl_assert_fingerprint: (Optional) SSL fingerprint for self-signed SSL certificate on HTTPS transport.
Logstash can be configured for SSL via its config file.
Hi Jeremy @Soucy, thank you for your time and effort to research a solution. I appreciate it very much!
I saw the setting, but have since confirmed to my satisfaction that ESF does not support mutual TLS (mTLS). This is unfortunate as our requirements require this, and failure to support mTLS has resulted in us moving closer to a 'build your own' solution which requires more effort, components, complexity and failure opportunities.
I am honestly surprised at this, and expected mTLS to be supported by ESF.
Thank you again, and have a great day!