How to configure SSL for logstash-input-tcp when running on windows?


I need help in getting the ssl configuration correct. We are running ELK on windows servers and are now sending the logs from nxlog to logstash over tcp, port 5000. Now we are switching over to ssl but I can't seem to get the configuration right.

For testing purpose I've created a self-signed certificate which I've converted from a .pfx to .cer and .key files. I've also opened up the certificate and removed the bits before ----BEING as instructed in

We are running Logstash version 2.4.1 and my configuration is as below

tcp {
	port => 443
	codec => json
	ssl_enable => true
	ssl_cert => "<path_to_crt>"
	ssl_key => "<path_to_key>"
	ssl_key_passphrase => "<passphrase>"
	ssl_verify => false
	tags => "ssl_transfer"

For the path for example in ssl_cert I've tried using "F:\cert.cer", "/f/cert.cer", "F:/cert.cer", "F:\cert.cer" but I can not get logstash to start up correctly. The errors I mainly get are these

{:timestamp=>"2017-05-10T14:33:37.837000+0200", :message=>"Could not inititalize SSL context", :exception=>#<OpenSSL::PKey::RSAError: Neither PUB key nor PRIV key:>, :backtrace=>["org/jruby/ext/openssl/ initialize'", "C:/monitoring/logstash-2.4.1/vendor/bundle/jruby/1.9/gems/logstash-input-tcp-3.0.6/lib/logstash/inputs/tcp.rb:214:inssl_context'",

{:timestamp=>"2017-05-10T14:48:48.399000+0200", :message=>"Invalid setting for tcp input plugin:\n\n input {\n tcp {\n # This setting must be a path\n # File does not exist or cannot be opened /F/certificates/funwithflagscertificate.crt\n ssl_cert => "/F/cert.crt"\n ...\n }\n }", :level=>:error}

Greatful for any help

I got it working by using the tip "Convert the .pfx file using OpenSSL" from this site Regarding the path it worked fine with for example this

ssl_cert => "c:\cert\certificate.cert"

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.