Logstash beats input cant start with ssl enabled

dorinand · September 28, 2020, 7:10am

SOLUTION:

So the problem was invalid private key. I set up debug log level for logstash in logstash.yml:

log.level: debug

Then, in all debug messages, there was message about invalid private key. At first, this should be mentioned, according to me, in INFO logs. The certificate, as I mentioned above, is valid, but the format of certificate was wrong. So from documentation of input beats:

SSL key to use. NOTE: This key need to be in the PKCS8 format, you can convert it with OpenSSL for more information.

So I change format with:

openssl pkcs8 -topk8 -nocrypt -in instance.key -out instance.key.pkcs8

And change my configuration of input beats:

input {
  beats {
    port => 5000
    ssl => true
    ssl_certificate => "/ssl/instance.crt"
    ssl_key => "/ssl/instance.key.pkcs8"
  }
}

Than it starts to work. Everywhere in cluster (filebeat, elasticsearch) was this cert valid, but for logstash, there must be different format.

Topic		Replies	Views
Logstash SSL File does not contain a valid private key with Beats Logstash	2	10789	April 17, 2019
Filebeat could not connect to logstash on SSL Beats filebeat	6	3945	November 30, 2018
Logstash beats input doesn't find certificates Logstash	2	1041	July 6, 2017
Logstash (5.4.2) / Winlogbeat / SSL - File does not contain valid private key Logstash	2	3162	August 31, 2017
Logstash 7.8 beats input with SSL throws error Logstash	4	876	September 3, 2020

Logstash beats input cant start with ssl enabled

Related topics