Greetings. I found a bug in beats, but I went to open a bug issue on GitHub but the prompts directed me here to confirm that it was a bug first.
Steps to reproduce:
Vanilla CentOS 7
Download and install filebeat-6.8.0-x86_64.rpm
Edit "/etc/filebeat/filebeat.yml" to include the host, username, and password of the remote ElasticSearch cluster with HTTPS enabled on a wildcard certificate.
Run "filebeat -e setup".
This results in the following error:
2019-08-05T12:16:20.409-0400 ERROR elasticsearch/elasticsearch.go:252 Error connecting to Elasticsearch at https://es-1-dev.company.com:9200: Get https://es-1-dev.company.com:9200: x509: certificate is valid for es-*.company.com, not es-1-dev.company.com
Did whoever program this forget about wildcard certificates? Please let me know next steps.
Many companies do not allow full wildcard certificates for security purposes - if an attacker gains access to such a certificate, the results would be devastating. The fact that Golang does not support a security feature that is specified by the RFC is disappointing, to say the least.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.