Logstash use https

Yerikshu · December 29, 2018, 9:20am

we need to use logstash in https, and this's our configucation:
input
{
http{
host => "0.0.0.0"
port => 8080
additional_codecs => {"application/json"=>"json"}
codec => "plain"
threads => 4
ssl => true
ssl_certificate => "/home/yerikyu/logstash/1673589_radar.cmic.site_other/1673589_radar.cmic.site.pem"
ssl_key => "/home/yerikyu/logstash/1673589_radar.cmic.site_other/radar.cmic.site.pem"
# ssl_verify_mode => "force_peer"
}
}
output
{
kafka {
bootstrap_servers => "0.0.0.0:9092"
topic_id => "logstash"
compression_type => "gzip"
}
}
and that it's the log
[2018-12-29T16:59:56,258][ERROR][logstash.pipeline ] Error registering plugin {:pipeline_id=>"main", :plugin=>"<LogStash::Inputs::Http ssl_certificate=>"/home/yerikyu/logstash/1673589_radar.cmic.site_other/1673589_radar.cmic.site.pem", codec=><LogStash::Codecs::Plain id=>"plain_f3f1da65-a448-461e-83e9-fae75827fb87", enable_metric=>true, charset=>"UTF-8">, ssl_key=>"/home/yerikyu/logstash/1673589_radar.cmic.site_other/radar.cmic.site.pem", port=>8080, additional_codecs=>{"application/json"=>"json"}, host=>"0.0.0.0", threads=>4, id=>"bd494b1de12503353ced24be4fcf4a0821c00328780e4918685476e8e73d4fcd", ssl=>true, enable_metric=>true, ssl_verify_mode=>"none", ssl_handshake_timeout=>10000, tls_min_version=>1, tls_max_version=>1.2, cipher_suites=>["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"], response_headers=>{"Content-Type"=>"text/plain"}, remote_host_target_field=>"host", request_headers_target_field=>"headers", max_pending_requests=>200, max_content_length=>104857600, verify_mode=>"none">", :error=>"File does not contain valid private key: /home/yerikyu/logstash/1673589_radar.cmic.site_other/radar.cmic.site.pem", :thread=>"#<Thread:0x5ecdaa7 run>"}
[2018-12-29T16:59:56,288][INFO ][org.apache.kafka.clients.producer.KafkaProducer] [Producer clientId=producer-1] Closing the Kafka producer with timeoutMillis = 9223372036854775807 ms.
[2018-12-29T16:59:56,293][ERROR][logstash.pipeline ] Pipeline aborted due to error {:pipeline_id=>"main", :exception=>java.lang.IllegalArgumentException: File does not contain valid private key: /home/yerikyu/logstash/1673589_radar.cmic.site_other/radar.cmic.site.pem, :backtrace=>[

So, how can i solve it?Thanks everybody

ikakavas · December 29, 2018, 12:02pm

The error message is pretty clear: /home/yerikyu/logstash/1673589_radar.cmic.site_other/radar.cmic.site.pem is not a valid Private Key file. This doesn't appear to be a Logstash specific issue, you need to have a valid Private key and the relevant Certificate file in order to enable https.

If you generated the key and certificate yourself, how did you do it?
If you received the key and certificate from somewhere, please verify that the files are correct.

For instance you can verify your private key file with

openssl rsa -in home/yerikyu/logstash/1673589_radar.cmic.site_other/radar.cmic.site.pem -check -noout

which should output:

RSA key ok

system · January 26, 2019, 12:02pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.