Logstash filter plugin needs certificate with DNS name

Hi, I tried to configure security in the ELK stack and wanted a common certificate in all nodes' environments, but the Logstash filter plugin needs the DNS name to be specified or else it won't work. Any other solution?

Can you reply with your Logstash config?

Sorry, I cannot post the full cfg file for security reasons.

I have used the ca_file parameter.

Please don't post pictures of text, they are difficult to read, impossible to search and replicate (if it's code), and some people may not be even able to see them :slight_smile:

elasticsearch {
  fields =>            # value omitted in the original post
  user => user
  password => pass
  ca_file => path/toCaCert
}

This is just a part of the code, not complete. There is no error in the cfg file, but I want to use a common certificate without mentioning the host name, which the filter section doesn't allow; it needs a certificate with the DNS name mentioned.

Can you please post the text of the error you are seeing?

certificate subject name does not match target host name. I have generated the certificate using the Elastic certutil tool.

According to the docs, at least in silent mode, you can add multiple DNS names (item 3) which will be put into the alternate names section of the certificate. If you aren't using DNS, then you will want to add your IP addresses instead with item 2. This way, the certificate can be valid for more than one host.

What if I want a common certificate across all clusters? How many nodes can I specify, and can they belong to different clusters?

I don't think there is an actual limit to the number of alternate names that can be added to a certificate, but there is definitely a practical one. If you have more than a few hosts, you may want to consider creating one or more wildcard certificates instead. There is much less maintenance required; typing an asterisk (*) is much less effort than an ever-changing list of host names.
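
Added example (not part of the thread, and not Logstash's or Elasticsearch's own code): a simplified Python model of the host name check behind the "certificate subject name does not match target host name" error, comparing a single-name certificate, a multi-SAN certificate and a wildcard certificate. The host names, IP address and function names are constructed for illustration, and the matching rules are a simplified RFC 6125-style approximation (wildcard only as the whole left-most label).

```python
import ipaddress

def _is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def dns_matches(pattern, host):
    """Compare one DNS SAN entry to a host name, label by label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False  # "*" never spans more than one label
    if p[0] == "*":
        # Wildcard must be the whole left-most label, with at least two labels after it
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def cert_valid_for(target, dns_sans=(), ip_sans=()):
    """True if `target` (the address the client connects to) is covered by the SANs."""
    if _is_ip(target):
        # An IP target is only compared with IP SAN entries, never with DNS ones
        want = ipaddress.ip_address(target)
        return any(ipaddress.ip_address(ip) == want for ip in ip_sans)
    return any(dns_matches(pat, target) for pat in dns_sans)

# Constructed sample certificates (SAN contents only)
SINGLE = {"dns_sans": ["es01.prod.example.internal"]}
MULTI = {"dns_sans": ["es01.prod.example.internal", "es02.prod.example.internal"],
         "ip_sans": ["10.0.0.11"]}
WILDCARD = {"dns_sans": ["*.prod.example.internal"]}

# Constructed targets: two nodes of one cluster, a node of another cluster, an IP
TARGETS = ["es01.prod.example.internal", "es02.prod.example.internal",
           "es01.dev.example.internal", "10.0.0.11"]

def coverage():
    """Map certificate label -> list of targets it would pass verification for."""
    certs = {"single": SINGLE, "multi": MULTI, "wildcard": WILDCARD}
    return {name: [t for t in TARGETS if cert_valid_for(t, **sans)]
            for name, sans in certs.items()}

if __name__ == "__main__":
    for name, ok in coverage().items():
        print(f"{name:8s} valid for: {ok}")
```

In this model the wildcard certificate covers every node under one domain but not a node in a second domain and not a connection made by IP address, so clusters in different domains each need their own entry or their own certificate.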

Can you let me know how to create this wildcard certificate?

Please reply

Also, what if the certificate for internode communication and TLS expires? Will ELK stop working?
