Hello
I'm authenticating FileBeat clients on Logstash over ssl (ssl_verify_mode: force_peer).
I created self signed cert
../bin/elasticsearch-certutil ca --pem --silent --out ca.zip
then generated logstash and filebeat certs
elasticsearch-certutil cert --silent --pem --in instances.yml --ca-cert ca/ca.crt --ca-key ca/ca.key --out cert.zip
I created instances.yml und run elasticsearch-certutil with elasticsearch-certutil --in instances.yml ...
It works but the FileBeat clients are specified in instances.yml by their ip addresses.
- name: logstash_unit1
dns:
- logstash
- node1
- localhost
- name: filebeat
dns:
- node1
- node2
- localhost
ip:
- 161.222.72.115
- 127.0.0.1
The FileBeat clients connects to logstash over proxy and their ip addresses can change.
Can i specify an address range instead of ip address?
How can i get rid of ip addresses for filebeat client certs?
Thank you
Peter