Ignore ssl_certificate_validation in Http filter plugin

Elastic Stack Logstash
1

Hi Team,

I have installed logstash7.9.2 in the Linux server. I have created a configuration which will connect to the Ansible-tower rest API using http filter plugin.
My question is there a way to disable ssl/tls verification in the mutate section ( Http filter plugin ) on the logstash pipeline configuration .
The Logstash.conf file contains:

input {

    http {
    codec => json
                }

}

filter {


    http {
                url => "https://xxxxxxxxxxx/api/v2/jobs/%{[job_id]}/job_host_summaries/"
                verb => "GET"
                body_format => "json"
                headers => {
                "Authorization" => "xxxxxxxxxxxxxxxxxxxxx"
                }
                target_body => "host_summaries"

        }


mutate {
    add_field => { "host_tmp" => "%{[host_summaries][results][0][summary_fields][host][name]}" }
}


}

output {
    stdout { codec => rubydebug }
  }
2

how Ignore ssl_certificate_validation in Http filter plugin ?§

3

You cannot ignore it. There is an open issue requesting this, but I do not forsee it being implemented.

A couple of years ago the ability to set the :verify option on the Manticore client ssl parameter was removed from the http filter (note that that is a version of the code from 2016). It looks to me as though it would not have worked anyways.

You can download the certificate from whatever endpoint you are connecting to and add it to a truststore. However, it will still have to be a name-matched certificate. Just adding the cert or the CA cert will not get you around that.

1 Like
4

Thank you @Badger :grinning:

5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.