Filebeat and Logstash certificate and key

fjiang212 · June 27, 2016, 2:29am

I follow the doc (https://www.digitalocean.com/community/tutorials/how-to-install-elasticsearch-logstash-and-kibana-elk-stack-on-ubuntu-14-04) to generate certificate and private key, then use them in both filebeat and logstash to make the TSL connection work. But I am still confuse here:

Why the filebeat and logstash use the same certificate here, Originally I thought client and server have different certificate: client.crt and server.crt
Why we copy server private key file to filebeat. I always think we should keep private key on the server side only.
Does it mean in this case we only verify logstash not filebeat

Could someone knowing TLS shed some light on it? Or explain how TLS work here.

Thanks

steffens · June 27, 2016, 10:09am

I didn't read through this tutorial, but:

do not copy the private file. It's called private for a reason
When you're using self-signed certificates (no CA), the client needs to have certificate in its CA list. Using certificate-authorities, the client only requires the CAs certificate to verify the server certificate (this is how it should be done when managing multiple servers). For testing and simple setups self-signed certificates are a little more convenient
I didn't see any client certificate configured for client-authentication. This means, filebeat will check logstash being ok, but not the other way around.

system · July 18, 2016, 2:29am

This topic was automatically closed after 21 days. New replies are no longer allowed.

Topic		Replies	Views
Secure between Logstash and Filebeat - File does not contain valid private key Logstash windows	3	1432	June 27, 2022
Logstash Filebeat incorrect SSL key Logstash	4	469	November 29, 2019
Debug Errors while setting up SSL communication between Filebeat and Logstash Beats filebeat	7	7153	December 15, 2017
Let's Encrypt and Filebeat TLS Beats filebeat	8	5848	August 9, 2016
Secure Logstash and Filebeats communication Logstash	5	263	August 31, 2023