Logstash: installing plugin results in certificate verify failed error

Hi, I am behind a corporate firewall with SSL interception. As many people here in this forum, I receive an SSL-related error when installing a logstash plugin:

root@kali:/etc/ssl/certs# /usr/share/logstash/bin/logstash-plugin install logstash-input-syslog OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release. WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.headius.backport9.modules.Modules to method java.lang.Object.finalize() WARNING: Please consider reporting this to the maintainers of com.headius.backport9.modules.Modules WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release ERROR: Something went wrong when installing logstash-input-syslog, message: certificate verify failed

I receive a similar error (certificate verify failed) when installing a locally built one (cloned the github repo and guild using gem).

I installed my company's root certificate and all intermediate certificates. What else could I try?

Actually, I solved it. After importing the certificate via:

cp ~/root.crt /usr/local/share/ca-certificates/EUM/
update-ca-certificates

I explicitly defined the certificate to be used for SSL session using the following environment variable:

export SSL_CERT_FILE=/etc/ssl/certs/EUM

Now it works.

2 Likes

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.