Hi
I need help in getting the SSL configuration correct. We are running ELK on Windows servers and are now sending the logs from nxlog to Logstash over TCP, port 5000. Now we are switching over to SSL but I can't seem to get the configuration right.
For testing purposes I've created a self-signed certificate which I've converted from a .pfx to .cer and .key files. I've also opened up the certificate and removed the bits before -----BEGIN as instructed in https://gist.github.com/ericharth/8334664
We are running Logstash version 2.4.1 and my configuration is as below:

    tcp {
        port => 443
        codec => json
        ssl_enable => true
        ssl_cert => "<path_to_crt>"
        ssl_key => "<path_to_key>"
        ssl_key_passphrase => "<passphrase>"
        ssl_verify => false
        tags => "ssl_transfer"
    }

For the path, for example in ssl_cert, I've tried using "F:\cert.cer", "/f/cert.cer", "F:/cert.cer", "F:\cert.cer" but I cannot get Logstash to start up correctly. The errors I mainly get are these:
{:timestamp=>"2017-05-10T14:33:37.837000+0200", :message=>"Could not inititalize SSL context", :exception=>#<OpenSSL::PKey::RSAError: Neither PUB key nor PRIV key:>, :backtrace=>["org/jruby/ext/openssl/PKeyRSA.java:285:in `initialize'", "C:/monitoring/logstash-2.4.1/vendor/bundle/jruby/1.9/gems/logstash-input-tcp-3.0.6/lib/logstash/inputs/tcp.rb:214:in `ssl_context'",
{:timestamp=>"2017-05-10T14:48:48.399000+0200", :message=>"Invalid setting for tcp input plugin:\n\n input {\n tcp {\n # This setting must be a path\n # File does not exist or cannot be opened /F/certificates/funwithflagscertificate.crt\n ssl_cert => "/F/cert.crt"\n ...\n }\n }", :level=>:error}
Grateful for any help
Tonni
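
A preflight check for the certificate and key files described in the post above, as an added example (not part of the original post and not Logstash's own code): it reports any lines left before `-----BEGIN`, names the PEM block types, and attempts the `OpenSSL::PKey::RSA` load that appears in the backtrace. The helper names, the `PEM_PASSPHRASE` environment variable and the generated sample pair are constructed for illustration.

```ruby
require 'openssl'

PEM_BEGIN = /^-----BEGIN ([A-Z0-9 ]+)-----\r?$/

# Describe a PEM text: block labels, number of lines before the first BEGIN
# (e.g. "Bag Attributes" left by a .pfx export; nil if no BEGIN), encryption.
def inspect_pem(text)
  { labels: text.scan(PEM_BEGIN).flatten,
    preamble_lines: text.lines.index { |l| l =~ PEM_BEGIN },
    encrypted: !(text =~ /^Proc-Type: 4,ENCRYPTED|BEGIN ENCRYPTED PRIVATE KEY/).nil? }
end

# Load the pair with the OpenSSL::PKey::RSA call named in the backtrace and
# confirm the key belongs to the certificate. Assumed to mirror the plugin.
def check_pair(cert_pem, key_pem, passphrase)
  report = { cert: inspect_pem(cert_pem), key: inspect_pem(key_pem) }
  cert = OpenSSL::X509::Certificate.new(cert_pem)
  key = OpenSSL::PKey::RSA.new(key_pem, passphrase)
  report.merge(ok: cert.check_private_key(key), error: nil)
rescue OpenSSL::OpenSSLError => e
  report.merge(ok: false, error: "#{e.class}: #{e.message}")
end

# Constructed sample: a throwaway self-signed certificate and encrypted RSA key.
def sample_pair(passphrase)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse('/CN=logstash.example')
  cert.public_key = key.public_key
  cert.not_before = Time.now
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  [cert.to_pem, key.to_pem(OpenSSL::Cipher.new('aes-256-cbc'), passphrase)]
end

if __FILE__ == $PROGRAM_NAME
  # Usage: ruby check_pem.rb CERT_FILE KEY_FILE, passphrase in PEM_PASSPHRASE.
  # Without arguments it runs on the constructed sample pair.
  pass = ENV.fetch('PEM_PASSPHRASE', 'constructed-pass')
  pair = ARGV.size >= 2 ? ARGV.first(2).map { |f| File.read(f) } : sample_pair(pass)
  p check_pair(pair[0], pair[1], pass)
end
```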