On FreeBSD 10, I had TLS working for encrypted communication between previous versions of Logstash and both Filebeat and Metricbeat. I've recently upgraded ELK to the versions below:
- Logstash 2.3 -> 5.0
- Filebeat 1.2 -> 5.0 (hand built)
- Metricbeat 5.0 alpha (hand built) -> 5.0 (hand built)
Things work with TLS disabled, but I am being hindered by the LS 2.4 breaking change regarding PKCS#8.
logstash/bin/logstash -f /usr/local/etc/logstash/logstash.conf
...
[2016-11-28T14:57:53,934][ERROR][logstash.inputs.beats ] Looks like you either have an invalid key or your private key was not in PKCS8 format. {:exception=>java.lang.IllegalArgumentException: File does not contain valid private key: /usr/local/share/certs/managed/raw/logstash.key}
I followed some advice about converting the private key for both *beats and Logstash...
# openssl pkcs8 -topk8 -nocrypt -in $inkey -out $inkey.pkcs8
... and changing configs for all three services to use the .pkcs8 file for the key. Still no luck:
logstash/bin/logstash -f /usr/local/etc/logstash/logstash.conf
...
[2016-11-28T13:54:43,883][ERROR][logstash.inputs.beats ] Looks like you either have an invalid key or your private key was not in PKCS8 format. {:exception=>java.lang.IllegalArgumentException: Unsupported ciphersuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA38}
Can I get some help troubleshooting this please?
$ openssl version
OpenSSL 1.0.1p-freebsd 9 Jul 2015
Thanks,
Greg.