if [type] == "traffic" {
elasticsearch {
ecs_compatibility => disabled
hosts => ["https://***********************************:443"]
index => "${NODE_ROLE}-traffic-%{+YYYY.MM.dd}"
ssl => true
ssl_certificate_verification => false
cacert => "/opt/example/Sectigo.pem"
}
}
else {
elasticsearch {
ecs_compatibility => disabled
hosts => ["https://*****************************:443"]
index => "${NODE_ROLE}-%{+YYYY.MM.dd}"
ssl => true
ssl_certificate_verification => false
cacert => "/opt/example/Sectigo.pem"
}
}
}
~
This works
curl --cacert "/opt/example/Sectigo.pem" --insecure https://********************************************
2024-09-12T06:39:03,409][WARN ][logstash.outputs.elasticsearch][main] Attempted to resurrect connection to dead elasticsearch instance, but got an error {:url=>"https://search-:443/", :exception=>LogStash::Outputs::elasticsearch::HttpClient::Pool::HostUnreachableError, :message=>"elasticsearch Unreachable: [https://search-:443/][Manticore::ClientProtocolException] PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"}
I have verified the path and permission. looks good.
please advise.