Logstash input/output plugin SSL configuration error

Hi guys,
I've tried to configure new default approach for logstash to logstash communication using logstash input, output plugins. It works fine without SSL, but I wasn't able to get SSL to work. It outputs this error on sender side. Does anyone run into the same issue?

Jan 19 13:56:51 server-1 logstash[782801]: [2024-01-19T13:56:51,820][ERROR][logstash.outputs.logstash] Could not send data to host {:host=>"https://10.30.1.1:12222", :message=>"PKIX path
 validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors", :class=>Manticore::ClientProtocolException, :retry=>true}

I'm using logstash 8.12.0, certs are generated by elasticsearch-certutil, tried pkcs12 and pem, ca and self-signed, every possible was I could think of.

output {
  logstash {
    hosts => "10.30.1.1:12222"
    ssl_enabled => true
    ssl_keystore_path => "/etc/logstash/certs/logstash-client.p12"
    ssl_keystore_password => "password"
  }
}
input  {
  logstash {
    port => 12222
    ssl_enabled => true
    ssl_keystore_path => "/etc/logstash/certs/logstash-server.p12"
    ssl_keystore_password => "password"
  }
}

elk docs:

Thanks
Matus

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.