Failure with receiving network data - CURLE_RECV_ERROR (56)

Elastic Stack Logstash
1

Hi,

I created a self-signed certificate like this
openssl req -subj '/CN=logstash_hostname/' -x509 -days 3652 -batch -nodes -newkey rsa:2048 -keyout logstash.key -out logstash.crt

Then i set the logstash configuration file with this input beats:
input {
beats {
port => 1500
host => "logstash_hostname"
ssl => true
ssl_certificate => "logstash.crt"
ssl_key => "logstash.key"
}
}

I test logstsah with the utility curl:

curl -v --cacert logstash.crt https://logstash_hostname:1500

Then i get the following error:

  • Rebuilt URL to: https://logstash_hostname:1500
  • Trying [IP]...
  • TCP_NODELAY set
  • Connected to logstash_hostname ([IP]) port 1500 (#0)
  • ALPN, offering h2
  • ALPN, offering http/1.1
  • Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
  • successfully set certificate verify locations:
  • CAfile: logstash.crt
    CApath: /etc/ssl/certs
  • TLSv1.2 (OUT), TLS header, Certificate Status (22):
  • TLSv1.2 (OUT), TLS handshake, Client hello (1):
  • TLSv1.2 (IN), TLS handshake, Server hello (2):
  • TLSv1.2 (IN), TLS handshake, Certificate (11):
  • TLSv1.2 (IN), TLS handshake, Server key exchange (12):
  • TLSv1.2 (IN), TLS handshake, Server finished (14):
  • TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
  • TLSv1.2 (OUT), TLS change cipher, Client hello (1):
  • TLSv1.2 (OUT), TLS handshake, Finished (20):
  • TLSv1.2 (IN), TLS change cipher, Client hello (1):
  • TLSv1.2 (IN), TLS handshake, Finished (20):
  • SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
  • ALPN, server did not agree to a protocol
  • Server certificate:
  • subject: CN=logstash_hostname
  • start date: Jan 31 13:31:48 2019 GMT
  • expire date: Jan 31 13:31:48 2020 GMT
  • common name: logstash_hostname (matched)
  • issuer: CN=logstash_hostname
  • SSL certificate verify ok.
    > GET / HTTP/1.1
    > Host: logstash_hostname:1500
    > User-Agent: curl/7.52.1
    > Accept: /
    >
  • SSL read: error:00000000:lib(0):func(0):reason(0), errno 104
  • Curl_http_done: called premature == 1
  • stopped the pause stream!
  • Closing connection 0
    curl: (56) SSL read: error:00000000:lib(0):func(0):reason(0), errno 104

Any ideas about this?

2

Hello,

I changed the port number from 1500 to 1501 and everything works fine...
There must be a misconfiguration of my vm that hosts logstash and this leads to the error.

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.