Enable tls logstash

  if [type] == "traffic" {
    elasticsearch {
      ecs_compatibility => disabled
      hosts => ["https://***********************************:443"]
      index => "${NODE_ROLE}-traffic-%{+YYYY.MM.dd}"
      ssl => true
      ssl_certificate_verification => false
      cacert => "/opt/example/Sectigo.pem"
    }
  }
  else {
    elasticsearch {
      ecs_compatibility => disabled
      hosts => ["https://*****************************:443"]
      index => "${NODE_ROLE}-%{+YYYY.MM.dd}"
      ssl => true
      ssl_certificate_verification => false
      cacert => "/opt/example/Sectigo.pem"
    }
    }
  }
~
This works
curl --cacert "/opt/example/Sectigo.pem" --insecure https://********************************************

2024-09-12T06:39:03,409][WARN ][logstash.outputs.elasticsearch][main] Attempted to resurrect connection to dead elasticsearch instance, but got an error {:url=>"https://search-:443/", :exception=>LogStash::Outputs::elasticsearch::HttpClient::Pool::HostUnreachableError, :message=>"elasticsearch Unreachable: [https://search-:443/][Manticore::ClientProtocolException] PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"}


I have verified the path and permission. looks good.

please advise.