Logstash HTTP_Poller tls version

Hello, I am trying to use the HTTP_Poller v5.0.1 to contact the CloudFlare API to pull some traffic and security logs. However, when calling the URI, Cloudflare API complains that the version of TLS I am using is only 1.0. Is there a way to force the poller to use TLS1.2?

Logstash Config

input {
  http_poller {
    urls => {
      cf_waf_test => {
        method => get
        url => ####
        headers => {
          "Content-Type" => "application/json"
          "X-Auth-Email" => "####"
          "X-Auth-Key" => "####"
    request_timeout => 60
    schedule => { "every" => "5m" }
    tags => ["Cloudflare-WAF-Logs"]

Error Message

Cloudflare does not support deprecated TLS versions for security reasons. Please upgrade your client to TLS 1.2 or greater. See https://blog.cloudflare.com/deprecating-old-tls-versions-on-cloudflare-dashboard-and-api/ for more details.

Which JRE are you using (vendor and version)?

Hey, here is a dump from java -version

java version "1.8.0_161"
Java(TM) SE Runtime Environment (build - pxa6480sr5fp10-20180214_01(SR5                                                                                                              FP10))
IBM J9 VM (build 2.9, JRE 1.8.0 Linux amd64-64 Compressed References 20180208_37                                                                                                             8436 (JIT enabled, AOT enabled)
OpenJ9   - 39bb844
OMR      - c04ccb2
IBM      - 2321a81)
JCL - 20180209_01 based on Oracle jdk8u161-b12

Elastic do not support any version of J9. That said, I have run with it in the past and had no problems.

Does adding -Dcom.ibm.jsse2.overrideDefaultTLS=true to jvm.options help?

Hey, such a simple oversight on my part. I switched to java-1.8.0-openjdk-devel and everything works perfectly now. Thanks for you help!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.