I'm struggling to get the http_poller working with a piece of equipment running a self signed cert. I've created the cert with the following command openssl s_client -showcerts -connect 192.168.1.35:443 </dev/null 2>/dev/null|openssl x509 -outform PEM > downloaded_cert.pem; keytool -import -alias test -file downloaded_cert.pem -keystore downloaded_truststore.jks
Logstash generates the following error "error" => "Host name '192.168.1.35' does not match the certificate subject provided by the peer (CN=*.device.maker.com, OU=maker, O=\"maker, INC.\", L=somewhere, ST=somewhere, C=US)"
I know very little about certificates but it looks like the error is caused by the device having 192.168.1.35 assigned as its IP but the cert having a wildcard for *.device.maker.com?
Is there any way to work around this? Changing the cert is not possible. curl -k works fine but it seems such an option is not available for the http_poller.
Generally, SSL certs contain hostnames, not IPs. Try using the hostname of the device, may not work though. I haven't done much of anything with Java keystores so I don't quite know where this error is at in the process but you probably need to import the self-signed cert into the Java keystore.