Hello Team,
I have setup one box setup of Elastic and Kibana with SSL and HTTPS.
I used the ca.crt as generated by
openssl pkcs12 -in elastic-stack-ca.p12 -out ca.crt -nokeys
As well as tried the instance.crt generated by:
/usr/share/elasticsearch/bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12 --pem
But while running the logstash it is giving the error.. Conf and log details are as below:
ls_conf_snippet:
[root@ip-172-31-28-36 pagrawal]# cat Aladdin_ls.conf
input {
elasticsearch {
hosts => "https://localhost:9200"
index => "twitter1,twitter2"
ssl => "true"
ca_file => "/etc/elasticsearch/ca.crt"
}
}
Error:
[2019-05-28T16:44:09,344][ERROR][logstash.javapipeline ] A plugin had an unrecoverable error. Will restart this plugin.
Pipeline_id:main
Plugin: <LogStash::Inputs::Elasticsearch index=>"twitter1,twitter2", id=>"b95e5e59170b162a01d02cc7cd65c379bcb33a7623ba487ea7760e3ce7b7de1d", ca_file=>"/etc/elasticsearch/ca.crt", ssl=>true, hosts=>["https://localhost:9200"], enable_metric=>true, codec=><LogStash::Codecs::JSON id=>"json_979ce11c-6f98-4a53-acbd-547cd2f738cd", enable_metric=>true, charset=>"UTF-8">, query=>"{ "sort": [ "_doc" ] }", size=>1000, scroll=>"1m", docinfo=>false, docinfo_target=>"@metadata", docinfo_fields=>["_index", "_type", "_id"]>
Error: Failed to open TCP connection to https:0 (initialize: name or service not known)
Exception: Faraday::ConnectionFailed
Whereas curl works fine with same ca.crt:
[root@ip-172-31-28-36 pagrawal]# curl --cacert /etc/elasticsearch/ca.crt -XGET https://localhost:9200/_cat/indices?v
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
green open .kibana_task_manager TmJ9H1__Tk-VbO7cMbCQ_Q 1 0 2 2 9.3kb 9.3kb
Any thoughts ?