Logstash http_poller input from server with self-signed SSL certificate

vikbon · September 30, 2015, 1:15pm

Hi All,

I’m new to Elasticsearch and attempting to configure logstash http_poller input plugin to make api calls against a web server for performance data. Currently getting an “http_request_failure.error, handshake_failure”. Any chance of someone providing an example configuration for using http_poller plugin against a webserver with a self-signed certificate.

Thanks

warkolm · September 30, 2015, 2:23pm

What config do you have now?

vikbon · September 30, 2015, 5:58pm

my current config is pasted below. thanks

input {
http_poller {
urls => {
test => {
# Supports all options supported by ruby's Manticore HTTP client
method => post
url => "https://lwl/lwl/api?json={"inspector"%3A"4"%2C"basis"%3A"machines"%2C"date"%3A"2%20hours"%2C"limit"%3A"0"}"
verify_cert => true
}
}
request_timeout => 60
interval => 60
codec => "json"
# A hash of request metadata info (timing, response headers, etc.) will be sent here
metadata_target => "http_poller_metadata"
}

}

filter {

}

output {
elasticsearch {
protocol => "http"
}
}

warkolm · September 30, 2015, 6:33pm

Is the cert on the other end correct?

You can check with openssl s_client -showcerts -connect hostname:9200.

vikbon · September 30, 2015, 6:41pm

Yes, the self-signed cert is on the remote server I'm attempting to poll data from.

vikbon · September 30, 2015, 7:34pm

below is the result of the command openssl s_client -showcerts -connect hostname:9200

I generated a certificate for the elasticsearch node using the following commands:
keytool -importcert -keystore c:\temp\labes01.jks -file c:\temp\prolab-ca.cer -alias prolab_ca

keytool -genkey -alias labes01 -keystore c:\temp\labes01.jks -keyalg RSA -keysize 2048 -validity 712 -ext san=dns:labes01.prolab.inc,ip:10.143.0.217

keytool -certreq -alias labes01 -keystore c:\temp\labes01.jks -file c:\temp\labes01.csr -keyalg rsa -ext san=dns:labes01.prolab.inc,ip:10.143.0.217

keytool -importcert -keystore c:\temp\labes01.jks -file C:\temp\labes01-cert.cer -alias labes01

I also followed instruction on this link to enable SSL on the node: https://www.elastic.co/guide/en/shield/current/ssl-tls.html#installing-node-certificates
here is a screenshot of the elasticsearch configuration file where SSL is enabled

Topic		Replies	Views
Http_pollar input is not working with the certificate Logstash	1	183	June 30, 2021
Using http poller for https server Logstash	1	160	December 8, 2022
Http poller with --insecure mode Logstash	2	1038	August 15, 2019
HTTP_Poller and Elasticsearch Logstash	1	254	September 24, 2021
Http_poller Host name '192.168.1.35' does not match the certificate subject provided by the peer Logstash	6	3755	April 20, 2018

Logstash http_poller input from server with self-signed SSL certificate

Related topics