I need to establish an SSL connection b/w my logstash and filebeat.
To generate Cert I reffered ESCertUtil
But it is confusing..
To create CA (as zip), I did bin/elasticsearch-certutil ca --pem
then I unzipped it using unzip as ca.crt and ca.key .. It have not asked for any password.
soon after, to generate server cert and key , I did bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
It promted me for CA password and I entered it. It spits out the following error:
Exception in thread "main" java.nio.file.NoSuchFileException: elastic-stack-ca.p12
at sun.nio.fs.UnixException.translateToIOException(UnixException.java:86)
at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
at sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:214)
at java.nio.file.Files.newByteChannel(Files.java:361)
at java.nio.file.Files.newByteChannel(Files.java:407)
at java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider.java:384)
at java.nio.file.Files.newInputStream(Files.java:152)
at org.elasticsearch.xpack.core.ssl.CertParsingUtils.readKeyStore(CertParsingUtils.java:68)
at org.elasticsearch.xpack.core.ssl.CertParsingUtils.readPkcs12KeyPairs(CertParsingUtils.java:127)
at org.elasticsearch.xpack.security.cli.CertificateTool$CertificateCommand.lambda$loadPkcs12CA$1(CertificateTool.java:341)
at org.elasticsearch.xpack.security.cli.CertificateTool.withPassword(CertificateTool.java:931)
at org.elasticsearch.xpack.security.cli.CertificateTool.access$100(CertificateTool.java:85)
at org.elasticsearch.xpack.security.cli.CertificateTool$CertificateCommand.loadPkcs12CA(CertificateTool.java:340)
at org.elasticsearch.xpack.security.cli.CertificateTool$CertificateCommand.getCAInfo(CertificateTool.java:328)
at org.elasticsearch.xpack.security.cli.CertificateTool$GenerateCertificateCommand.execute(CertificateTool.java:684)
at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86)
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124)
at org.elasticsearch.cli.MultiCommand.execute(MultiCommand.java:77)
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124)
at org.elasticsearch.cli.Command.main(Command.java:90)
at org.elasticsearch.xpack.security.cli.CertificateTool.main(CertificateTool.java:137)
[root@hc4t05745 elasticsearch-6.4.2]# bin/elasticsearch-certutil cert --ca
Simplifies certificate creation for use with the Elastic Stack
For me the process is pretty confusing, can anyone explain me the clear steps with example and not with any elastic links ( I have searched many but confused, thats why) .. Thanks in advance !