I follow the doc (https://www.digitalocean.com/community/tutorials/how-to-install-elasticsearch-logstash-and-kibana-elk-stack-on-ubuntu-14-04) to generate certificate and private key, then use them in both filebeat and logstash to make the TSL connection work. But I am still confuse here:
- Why the filebeat and logstash use the same certificate here, Originally I thought client and server have different certificate: client.crt and server.crt
- Why we copy server private key file to filebeat. I always think we should keep private key on the server side only.
- Does it mean in this case we only verify logstash not filebeat
Could someone knowing TLS shed some light on it? Or explain how TLS work here.