Logstash output to Elasticsearch SSL 6.3 issue

security

(Frank J. Foti) #1

I generated the cert and keays using "bin/elasticsearch-certutil" with " CERT mode" and let it generate the CA as well.

A 2 node cluster and kibana are tsl and http.ssl enabled fine.

Logstash output to elasticsearch with thowing an error: "[FATAL][logstash.runner ] An unexpected error occurred! {:error=>#<ArgumentError: Setting "xpack.ssl.key" hasn't been registered>"

I have tried a number of variations and stuck on this now.

logstash output config:
output {
elasticsearch {
hosts => [ "https://*******:9200" ]
index => "metricbeat-config-%{+YYYY.MM.dd}"
ssl => true
cacert => '/etc/logstash/mmetricbeats/ca.crt'
sniffing => true
user => *****
password => ******
}
}

logstash yml configured as:
xpack.ssl.key: /etc/logstash/metricbeats/metricbeat.key
xpack.ssl.certificate: /etc/logstash/metricbeats/metricbeat.crt
xpack.ssl.certificate_authorities: [ "/etc/logstash/metricbeats/ca.crt" ]
xpack.security.http.ssl.enabled: true


(Frank J. Foti) #2

Fixed this, turned sniffing to false, removed logstash.yml entries and generated a new ca cert