Hi, I am trying to achieve what is described in the title. I believe I have taken all steps for proper configuration but am receiving an error that seems like a connection is not being initiated through https.
Logstash output configuration:
output {
elasticsearch {
hosts => ["https://X.X.X.X:9200"]
ssl => true
cacert => '/etc/logstash/ca.pem'
sniffing => true
manage_template => false
index => "%{[@metadata][beat]}-%{+YYYY.MM.dd}"
document_type => "%{[@metadata][type]}"
}
}
Logstash config:
xpack.ssl.key: /etc/elasticsearch/x-pack/key.key
xpack.ssl.certificate: /etc/elasticsearch/x-pack/cert.crt
xpack.ssl.certificate_authorities: [ "/etc/elasticsearch/x-pack/ca/ca.crt" ]
xpack.security.http.ssl.enabled: true
Keys being used are generated by x-pack certgen.
Error is:
@output_class=LogStash::Outputs::ElasticSearch>", :error=>"Unrecognized SSL message, plaintext connection?"
Is there some URL configuration I have to change somewhere that I missed? Any ideas why I am getting this error? Its probably simple but I am fairly new to ELK so I appreciate any help!
Thanks!