Hello everyone,
I'm coming back to you. "Issue" is solved.
The root cause of our problem was wrong permissions on the manually PCKS#8 converted key. What make us struggle a lot was the inappropriate log message from Logstash plain text logs, see:
File does not contain valid private key: my_key.pem
By chance, I randomly decided to try the Logstash update on a host that has JSON logging enabled. Here, the message is totally different:
could not find key file: my_key.pem
So here are our conclusions:
- Behaviours of our Logstash are consistent
- Our Logstash never worked with SSL Beat pipelines
- Our previous key was PCKS#1 file (with good permissions)
- When I manually converted the PCKS#1 to PCKS#8 I was stupid enough not to check the permissions again. On this point Logstash logs were not helpful, may be it can be improved a bit.
Lessons learnt:
- Biggest / more time-expensive issues are often stupid human mistakes
- JSON Logstash logs is preferable on the plain homolog
TL;DR: wrong permissions on the PCKS#8 converted key.
Thanks for reading,
Quentin