Hi
I enabled SSL, but logstash met below error:
[2019-10-08T17:21:54,292][ERROR][logstash.licensechecker.licensereader] Unable to retrieve license information from license server {:message=>"No Available connections"}
[2019-10-08T17:21:55,728][WARN ][logstash.outputs.elasticsearch] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"https://elastic:xxxxxx@192.168.0.178:9200/", :error_type=>LogStash::Outputs::Elasticsearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [https://elastic:xxxxxx@192.168.0.178:9200/][Manticore::ClientProtocolException] PKIX path validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors"}
elasticsearch log:
[2019-10-08T17:39:32,351][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [master-node] http client did not trust this server's certificate, closing connection [id: 0x937b59d2, L:0.0.0.0/0.0.0.0:9200 ! R:/192.168.0.179:45462]
I used below command to generate certificate:
bin/elasticsearch-certutil cert ca --pem --out certs/certs.zip
Then generated below files:
ca.crt , instance.crt, instance.key
elasticsearch.yml:
xpack.ssl.key: /etc/elasticsearch/certs/instance.key
xpack.ssl.certificate: /etc/elasticsearch/certs/instance.crt
xpack.ssl.certificate_authorities: /etc/elasticsearch/certs/ca.crt
logstash.yml:
xpack.monitoring.enabled: true
xpack.monitoring.elasticsearch.username: elastic
xpack.monitoring.elasticsearch.password: *****
xpack.monitoring.elasticsearch.hosts: ["https://192.168.0.178:9200"]
xpack.monitoring.elasticsearch.ssl.certificate_authority: "/etc/logstash/ca.crt"
xpack.monitoring.elasticsearch.ssl.verification_mode: certificate
xpack.monitoring.elasticsearch.sniffing: true
http.host: "192.168.0.179"
log.conf:
input {
file {
path => "/var/log/messages"
}
}
output {
elasticsearch {
hosts => ["https://192.168.0.178:9200"]
index => "system-syslog-%{+YYYY.MM}"
user => "elastic"
password => "*****"
ssl => true
cacert => "/etc/logstash/ca.crt"
}
}
logstash and elasticsearch version : 6.7.0