Logstash elasticsearch communication fails in ssl

Hi all,

I am running Elasticsearch(6.8.0) and Logstash(6.8.0) in SSL. I followed the steps as mentioned in docs. instead of generating certificate from elasticsearch utility i generated from openssl, this self signed certificate generated on different box. Here are the settings i applied.

elasticsearch.yml
xpack.security.enabled: true
xpack.security.http.ssl.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.http.ssl.key: server_key.pem
xpack.security.http.ssl.certificate: server_certificate.pem
xpack.security.http.ssl.certificate_authorities: ca_certificate.pem
xpack.security.transport.ssl.key: server_key.pem
xpack.security.transport.ssl.certificate: server_certificate.pem
xpack.security.transport.ssl.certificate_authorities: ca_certificate.pem
xpack.security.transport.ssl.verification_mode: certificate

logstash output config path
output {
elasticsearch {
hosts => ["https://localhost:9200"]
sniffing => true
manage_template => false
index => "%{[@metadata][_index]}"
document_type => "%{[@metadata][_type]}"
template_overwrite => "true"
cacert => '/data/nroot/ca_certificate.pem'
user => 'logstash_system'
password => Ar3woCkP8AVlbT5CACTy
}
}

whenever logstash elasticsearch plugin try to process the message it fails with error.- An unknown error occurred sending a bulk request to Elasticsearch. We will retry indefinitely {:error_message=>"Host name '127.0.0.1' does not match the certificate subject provided by the peer (O=server, CN=ms-axon-install.local)", :error_class=>"Manticore::UnknownException"

since i added xpack.security.transport.ssl.verification_mode: certificate should ignore hostname verification. then why also this failing.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.