Hi,
I'm forwarding logs from logstash to logstash using tcp output/input plugins over SSL.
On the client side I use this config in the output:

```
tcp {
  host => "logstash01.domain.tld"
  port => 8443
  codec => json_lines
  ssl_enable => true
  ssl_cacert => "/etc/logstash/certs/ca.cer"
  ssl_cert => "/etc/logstash/certs/client.cer"
  ssl_key => "/etc/logstash/certs/client.key"
}
```
And this on the server input:

```
tcp {
  port => "8443"
  codec => json_lines
  ssl_enable => true
  ssl_extra_chain_certs => ["/etc/logstash/certs/ca.cer"]
  ssl_cert => "/etc/logstash/certs/logstash01.cer"
  ssl_key => "/etc/logstash/certs/logstash01.key"
}
```
The problem is that I'm getting this exception on the client:

```
SSL Error {:exception=>#<OpenSSL::SSL::SSLError: Received fatal alert: internal_error>, :backtrace=>["org/jruby/ext/openssl/SSLSocket.java:266:in `connect'", "/usr/share/logstash/vendor/bundle/jruby/2.3.0/gems/logstash-output-tcp-5.0.3/lib/logstash/outputs/tcp.rb:179:in `block in connect'", ...... trimmed
```

And this on the server:

```
[ERROR][logstash.inputs.tcp ] Error in Netty pipeline: io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: General OpenSslEngine problem
```
The goal is to achieve mutual authentication. Can anyone help?
Thank you
PS: the certificates are self-signed
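
A pre-flight check for certificate files like the ones named in the two configs above, as an added example that is not part of the original post: it confirms that a certificate chains to the CA file and that the private key belongs to the certificate, two conditions a mutual-TLS handshake depends on. The function names and the throwaway PKI produced by `make_demo_pki` are constructed for illustration; only standard `openssl` subcommands are used.

```shell
# Added example: pre-flight checks for a mutual-TLS certificate set.
# Function names are illustrative; only standard openssl subcommands are used.

# 0 if CERT ($2) verifies against the CA file ($1).
cert_chains_to_ca() {
  openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# 0 if the public key inside CERT ($1) equals the one derived from KEY ($2).
key_matches_cert() {
  local c k
  c=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
  k=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
  [ -n "$c" ] && [ "$c" = "$k" ]
}

# 0 if CERT ($1) names itself as issuer (subject == issuer; signature not checked).
is_self_signed() {
  local s i
  s=$(openssl x509 -in "$1" -noout -subject 2>/dev/null) || return 1
  i=$(openssl x509 -in "$1" -noout -issuer 2>/dev/null) || return 1
  [ "${s#subject=}" = "${i#issuer=}" ]
}

# check_pair CA CERT KEY: print findings, return 0 only if both hard checks pass.
check_pair() {
  local rc=0
  cert_chains_to_ca "$1" "$2" || { echo "FAIL: $2 does not chain to $1"; rc=1; }
  key_matches_cert "$2" "$3" || { echo "FAIL: $3 is not the key for $2"; rc=1; }
  if is_self_signed "$2"; then
    echo "NOTE: $2 is self-signed; a peer accepts it only if it trusts this exact file"
  fi
  return $rc
}

# Constructed sample data: a throwaway CA, a CA-signed client cert, a self-signed cert.
make_demo_pki() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Demo CA" \
    -keyout "$1/ca.key" -out "$1/ca.cer" 2>/dev/null &&
  openssl req -newkey rsa:2048 -nodes -subj "/CN=client" \
    -keyout "$1/client.key" -out "$1/client.csr" 2>/dev/null &&
  openssl x509 -req -in "$1/client.csr" -CA "$1/ca.cer" -CAkey "$1/ca.key" \
    -CAcreateserial -days 1 -out "$1/client.cer" 2>/dev/null &&
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=lonely" \
    -keyout "$1/self.key" -out "$1/self.cer" 2>/dev/null
}
```

Source the file and call `check_pair` with a CA file, a certificate and its key on each host; run it once for the client's files and once for the server's.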