Hi,
I created a self-signed certificate like this
openssl req -subj '/CN=logstash_hostname/' -x509 -days 3652 -batch -nodes -newkey rsa:2048 -keyout logstash.key -out logstash.crt
Then i set the logstash configuration file with this input beats:
input {
beats {
port => 1500
host => "logstash_hostname"
ssl => true
ssl_certificate => "logstash.crt"
ssl_key => "logstash.key"
}
}
I test logstsah with the utility curl:
curl -v --cacert logstash.crt https://logstash_hostname:1500
Then i get the following error:
- Rebuilt URL to: https://logstash_hostname:1500
- Trying [IP]...
- TCP_NODELAY set
- Connected to logstash_hostname ([IP]) port 1500 (#0)
- ALPN, offering h2
- ALPN, offering http/1.1
- Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
- successfully set certificate verify locations:
- CAfile: logstash.crt
CApath: /etc/ssl/certs - TLSv1.2 (OUT), TLS header, Certificate Status (22):
- TLSv1.2 (OUT), TLS handshake, Client hello (1):
- TLSv1.2 (IN), TLS handshake, Server hello (2):
- TLSv1.2 (IN), TLS handshake, Certificate (11):
- TLSv1.2 (IN), TLS handshake, Server key exchange (12):
- TLSv1.2 (IN), TLS handshake, Server finished (14):
- TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
- TLSv1.2 (OUT), TLS change cipher, Client hello (1):
- TLSv1.2 (OUT), TLS handshake, Finished (20):
- TLSv1.2 (IN), TLS change cipher, Client hello (1):
- TLSv1.2 (IN), TLS handshake, Finished (20):
- SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
- ALPN, server did not agree to a protocol
- Server certificate:
- subject: CN=logstash_hostname
- start date: Jan 31 13:31:48 2019 GMT
- expire date: Jan 31 13:31:48 2020 GMT
- common name: logstash_hostname (matched)
- issuer: CN=logstash_hostname
- SSL certificate verify ok.
> GET / HTTP/1.1
> Host: logstash_hostname:1500
> User-Agent: curl/7.52.1
> Accept: /
> - SSL read: error:00000000:lib(0):func(0):reason(0), errno 104
- Curl_http_done: called premature == 1
- stopped the pause stream!
- Closing connection 0
curl: (56) SSL read: error:00000000:lib(0):func(0):reason(0), errno 104
Any ideas about this?