I am in the same situation as you. I configured everything like here: https://www.elastic.co/guide/en/logstash/current/ls-to-ls.html
But i get sometimes PEER_DID_NOT_RETURN_A_CERTIFICATE or SSLV3_ALERT_CERTIFICATE_UNKNOWN
my configs:
upstream:
output {
lumberjack {
hosts => "agg_hag1.domain.com"
port => 5055
ssl_certificate => "/home/logstash/certs/agg_hag1.crt"
codec => "json"
}
}
downstream:
input {
beats {
port => 5055
codec => "json"
ssl => true
ssl_certificate => "/home/logstash/certs/agg_hag1.crt"
ssl_certificate_authorities => "/home/logstash/certs/domain-ca-pem.crt"
ssl_key => "/home/logstash/certs/agg_hag1-des-v1.pem"
ssl_key_passphrase => "PWD"
# ssl_verify_mode => none
# tls_min_version => 1.2
}
}