Hi guys,
I've tried to configure new default approach for logstash to logstash communication using logstash input, output plugins. It works fine without SSL, but I wasn't able to get SSL to work. It outputs this error on sender side. Does anyone run into the same issue?
Jan 19 13:56:51 server-1 logstash[782801]: [2024-01-19T13:56:51,820][ERROR][logstash.outputs.logstash] Could not send data to host {:host=>"https://10.30.1.1:12222", :message=>"PKIX path
validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors", :class=>Manticore::ClientProtocolException, :retry=>true}
I'm using logstash 8.12.0, certs are generated by elasticsearch-certutil, tried pkcs12 and pem, ca and self-signed, every possible was I could think of.
output {
logstash {
hosts => "10.30.1.1:12222"
ssl_enabled => true
ssl_keystore_path => "/etc/logstash/certs/logstash-client.p12"
ssl_keystore_password => "password"
}
}
input {
logstash {
port => 12222
ssl_enabled => true
ssl_keystore_path => "/etc/logstash/certs/logstash-server.p12"
ssl_keystore_password => "password"
}
}
elk docs:
Thanks
Matus