Logstash unable to establish SSL connection to Elastic Cloud Enterprise

(Yu Watanabe) #1

Logstash version 5.2.0
Elastic Cloud Enterprise version 1.0.0 alpha4

I am trying to connect to ECE Proxy node using ssl (tcp/9243 https) but logstash seems to not start ssl handshake against the proxy node. I would like to get help to solve this problem.

Below is the logstash log. I am directly connecting from logstash to proxy node without using loadbalancer.

[2017-02-06T20:34:45,813][INFO ][logstash.outputs.elasticsearch] Running health check to see if an Elasticsearch connection is working {:healthcheck_url=>https://elastic:xxxxxx@f59949dc580e46b7b699aa231a01129e., :path=>"/"}
[2017-02-06T20:34:46,036][WARN ][logstash.outputs.elasticsearch] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>#<URI::HTTPS:0x124bf7b URL:https://elastic:xxxxxx@f59949dc580e46b7b699aa231a01129e.>, :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [https://elastic:xxxxxx@f59949dc580e46b7b699aa231a01129e.][Manticore::ClientProtocolException] Received fatal alert: handshake_failure"}

By looking at the packet capture , I have expected Client Hello sent from logstash to proxy node after tcp 3 way handshake but did not happen.

Below is my snippet of my logstash configuration

  elasticsearch {
    hosts => ["https://f59949dc580e46b7b699aa231a01129e."]
    index => "%{[@metadata][index]}-%{[@metadata][platformdate]}"
    document_type => "log"
    ssl_certificate_verification => "false"

    user  => "elastic"
    password => "HGC9Jw3VLNWsleuJdm0YGg=="

When I connected to tcp/9200 port without ssl connection it worked properly so network connection seems to be valid. Am I missing anything to enable the ssl handshake?

(system) #2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.