I've hit a known bug for Logstash in 8.8 when upgrade to 8.8.0/8.8.1 with xpack.management.elasticsearch.ssl.certificate_authority configured in Logstash with centralized management setup.
The cause is a bug introduced after SSL standardization.
The solution is update the Elasticsearch output plugin to 11.15.8 or higher:
bin/logstash-plugin update logstash-output-elasticsearch
Double check version:
bin/logstash-plugin list --verbose | grep logstash-output-elasticsearch
OR
Specify ca_trusted_fingerprint setting in the logstash.yml
i.e. with CA ca.cert, it can be grabbed with
cat ca.cert | openssl x509 -outform der | sha256sum | awk '{print $1}'
Then set the following on logstash.yml using the output from the previous command (i.e. "abbc1bd27074502451217955ffcf203770659ca70735ec3a6e2a980c6ee73a5e"):
xpack.monitoring.elasticsearch.ssl.ca_trusted_fingerprint: "abbc1bd27074502451217955ffcf203770659ca70735ec3a6e2a980c6ee73a5e"
xpack.management.elasticsearch.ssl.ca_trusted_fingerprint: "abbc1bd27074502451217955ffcf203770659ca70735ec3a6e2a980c6ee73a5e"