Logstash showing error when connected to TLS enabled elasticsearch


(Rijin) #1

Hi All ,

I am installed ES cluster and Logstash ( Both are 6.3.2)

Without TLS in all machines logstash is sending logs to ES . All logs are successfully indexed in ES. ( In this setup xpack is enabled in all ES machines . Logstash is sending logs with ES username and password)

When I am enabled TLS in all ES machines in the cluster , Logstash cant send the logs to ES with same configuration.

Error Log:

[INFO ] 2018-10-15 16:20:09.597 [Ruby-0-Thread-4: :1] elasticsearch - Running health check to see if an Elasticsearch connection is working {:healthcheck_url=>https://elastic:xxxxxx@10.0.19.7:9200/, :path=>"/"}
[WARN ] 2018-10-15 16:20:09.617 [Ruby-0-Thread-4: :1] elasticsearch - Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"https://elastic:xxxxxx@10.0.19.7:9200/", :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [https://elastic:xxxxxx@10.0.19.7:9200/][Manticore::ClientProtocolException] PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"}

Is it mandatory to enable TLS in logstash to communicate with ES ?


(Rijin) #2

Self healed

Added ssl_certificate_verification => false in output of config file .

output {
stdout{ codec => rubydebug }
elasticsearch { hosts => ["https://10.0.19.7:9200"]
user => elastic
password => changeme
index => "test"
ssl_certificate_verification => false
}

}


(system) #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.