Http output error PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

jfreeman · May 6, 2019, 6:40am

I have downloaded and installed Logstash 7.0.1 and using nssm.exe I have setup Logstash in windows machine.

I have two questions.

Why am I not able to access the logstash http host url using https, but only as http://server1.domain.com:9600/_node/stats/events?pretty?
I get the below error in http output and log message is not send to the API mentioned in the http output plugin. Whereas I am able to access this API from the browser within the logstash server with no cert error and successfully post a message with its swagger endpoint.

Am I missing anything in the configuration or should I install any certificate?

[2019-05-06T06:25:12,353][ERROR][logstash.outputs.http    ] [HTTP Output Failure] Could not fetch URL {:url=>"https://configlog/api/v1/log", :method=>:post, :body=>"{\"host\":\"10.121.170.71\",\"msg\":\"MESSAGE HERE\"}", :headers=>{"accept"=>"application/json", "Content-Type"=>"application/json-patch+json"}, :message=>"**PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target**", :class=>"Manticore::ClientProtocolException", :backtrace=>["C:/logstash/vendor/bundle/jruby/2.5.0/gems/manticore-0.6.4-java/lib/manticore/response.rb:37:in `block in initialize'", "C:/logstash/vendor/bundle/jruby/2.5.0/gems/manticore-0.6.4-java/lib/manticore/response.rb:79:in `call'", "C:/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-output-http-5.2.4/lib/logstash/outputs/http.rb:239:in `send_event'", "C:/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-output-http-5.2.4/lib/logstash/outputs/http.rb:175:in `send_events'", "C:/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-output-http-5.2.4/lib/logstash/outputs/http.rb:124:in `multi_receive'", "org/logstash/config/ir/compiler/OutputStrategyExt.java:118:in `multi_receive'", "org/logstash/config/ir/compiler/AbstractOutputDelegatorExt.java:101:in `multi_receive'", "C:/logstash/logstash-core/lib/logstash/java_pipeline.rb:235:in `block in start_workers'"], :will_retry=>true}

Logstash.yml file has

path.data: E:/Logstash_Data
http.host: "server1"
log.level: debug
path.logs: E:/Logstash_Data/Logs

Logstash.conf file has

input {
  http {
    host => "server1.domain.com"
    port => 5055
	ssl => true
	ssl_certificate => "C:/logstash/certs/certificate.pem"
	ssl_key => "C:/logstash/certs/secret.key"
	response_headers => {
		"Access-Control-Allow-Origin" => "*"
		"Content-Type" => "application/json"
		"Access-Control-Allow-headers" => "Origin, X-Requested-With, Content-type, Accept"
		}
  }
}
filter {          
}
output {
    http {
		http_method => "post"
		url => "https://configlog/api/v1/log"
		format =>  "json"
        content_type => "application/json-patch+json"
        headers => ["accept","application/json"]		
    }
file {
   path => "E:/Logstash/Logs/log-%{+YYYY-MM-dd}.txt"
 }
}

I am able to be get the node status as

http://server1.domain.com:9600/_node/stats/events?pretty

 {
        "host": "server1",
        "version": "7.0.1",
        "http_address": "server1:9600",
        "id": "f4510390-ef3b-4d7b-8600-ec8b6bae1062",
        "name": "server1",
        "events": {
            "in": 1,
            "filtered": 0,
            "out": 0,
            "duration_in_millis": 0,
            "queue_push_duration_in_millis": 0
        }
    }

system · June 3, 2019, 6:40am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.