I tried this way and did not work.
Execute: "curl -v --cacert certificate.pem https://logstash:5044
" retorna:
* Rebuilt URL to: https://logstash:5044/ https://logstash:5044/
* Hostname was NOT found in DNS cache
* Trying 172.18.0.3...
* Connected to logstash (XXXXXXXXXXXXX) port 5044 (#0)
* successfully set certificate verify locations:
* CAfile: /caminhocertificado/filebeat.pem CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-SHA
* Server certificate:
* subject: CERTIFICATE INFORMATIONS
* start date: 2016-10-10 19:39:23 GMT
* expire date: 2017-10-10 19:49:23 GMT
* common name: COMMONNAME(matched)
* issuer: CN=COMMONNAME
* SSL certificate verify ok.
> GET / HTTP/1.1
> User-Agent: curl/7.38.0
> Host: logstash:5044
> Accept: */*
> * SSLv3, TLS alert, Client hello (1):
* Empty reply from server
* Connection #0 to host logstash left intact curl: (52) Empty reply from server
==========================================================================
CONFIGURATION LOGSTASH:
input {
beats{
port => 5044
congestion_threshold => 1000000
ssl => true
#ssl_certificate_authorities => ["/path/to/cert/certificado.pem"] #Certificate installed on machine
ssl_certificate => "/path/to/cert/logstash.crt"
ssl_key => "/path/to/cert/private.key"
ssl_key_passphrase => "XXXXXXXXXXXX"
}
}
==========================================================================
CONFIGURATION FILEBEAT:
output:
logstash:
enabled: true
hosts: ["logstash:5044"]
#worker: 4
tls:
certificate_authorities: ["/path/to/cert/filebeat.pem"]
certificate: "/path/to/cert/filebeat.pem"
==========================================================================
ERRO:
2016/10/13 12:58:24.414608 output.go:87: DBG output worker: publish 2048 events
2016/10/13 12:58:24.414649 client.go:146: DBG Try to publish 2048 events to logstash with window size 10
2016/10/13 12:58:24.421024 client.go:105: DBG close connection
2016/10/13 12:58:24.421106 client.go:124: DBG 0 events out of 2048 events sent to logstash. Continue sending ...
2016/10/13 12:58:24.421224 single.go:77: INFO Error publishing events (retrying): write tcp XXXXXXXXXX:39396->XXXXXXXXXX:5044: write: broken pipe
2016/10/13 12:58:24.421263 single.go:154: INFO send fail
2016/10/13 12:58:24.421297 single.go:161: INFO backoff retry: 1s
2016/10/13 12:58:25.421665 client.go:100: DBG connect
2016/10/13 12:58:25.423129 client.go:146: DBG Try to publish 2048 events to logstash with window size 5
2016/10/13 12:58:25.425776 client.go:105: DBG close connection
2016/10/13 12:58:25.425910 client.go:124: DBG 0 events out of 2048 events sent to logstash. Continue sending ...
2016/10/13 12:58:25.425942 single.go:77: INFO Error publishing events (retrying): EOF
2016/10/13 12:58:25.425962 single.go:154: INFO send fail
2016/10/13 12:58:25.425981 single.go:161: INFO backoff retry: 2s