I have SSL enabled on all my elastic nodes, using a self signed certificate. However logstash is unable to connect to elasticsearch. Gives the following error
[2021-09-07T10:34:50,283][WARN ][logstash.outputs.elasticsearch][f5_waf] Attempted to resurrect connection to dead ES instance, but got an error {:url=>"https://user:xxxxxx@a.b.c.d:9200/", :exception=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :message=>"Elasticsearch Unreachable: [https://user:xxxxxx@a.b.c.d:9200/][Manticore::ClientProtocolException] PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"}
Below is my logstash output section:
output {
elasticsearch {
hosts => [MASKED]
user => user
password => MASKED
ssl => true
cacert => "/etc/logstash/imported_elastic_ca.pem"
ssl_certificate_verification => false
index => "F5-WAF-%{+YYYY.MM.dd}"
}
}
At this point I have tried almost everything. Event imported the cert into the java key store. Any assistance would be appreciated 