Issues when enabling TLS on Logstash


I am configuring the stack to work on TLS/SSL. I configured SSL on both ES and Kibana and it works fine. Now, when I try to configure Logstash, I cannot get it to connect to ES. The following error appears:

[ERROR][logstash.outputs.elasticsearch] Attempted to send a bulk request to elasticsearch, but no there are no living connections in the connection pool. Perhaps Elasticsearch is unreachable or down? {:error_message=>"No Available connections", :class=>"LogStash::Outputs::ElasticSearch::HttpClient::Pool::NoConnectionAvailableError", :will_retry_in_seconds=>64}

My conf.d file looks like this:

 elasticsearch {
        user => "*****"
        password => "******"
        ssl => true
        cacert => "/path/to/ca.crt"

And this is my logstash.yml

xpack.monitoring.elasticsearch.url: "https://<hostname>:9200"
xpack.monitoring.elasticsearch.password: "******"
xpack.monitoring.elasticsearch.username: ******

Any idea of what's going on?


Found the solution.

Needed to add the certificate authority generated by certgen to my keystore (this isn't documented on Logstash and Security, so I had to guide myself with the error message from a ClientProtocolException and googling). Even disabling ssl_certificate_validation didn't work.

Thank you for sharing your solution with the community, @prodrg!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.