I'm trying to send secure data to logstash from metricbeat, inside my own computer. I followed the tutorial (https://www.elastic.co/es/blog/configuring-ssl-tls-and-https-to-secure-elasticsearch-kibana-beats-and-logstash#create-ssl) but I have the error SSLV3_ALERT_BAD_CERTIFICATE although it is an info message I do not get any thing from metricbeat.
I just want to send encrypted data from metricbeat to logstash, so I made this instance.yml from the example:
instances:
- name: 'logstash'
dns: [ 'localhost' ]
Then I generate the certs bin/elasticsearch-certutil cert ca --pem --in ~/tmp/cert_blog/instance.yml --out ~/tmp/cert_blog/certs.zip. I copy them into the folders in his place, both metricbeat and logstash.
This is the filter I use in logstash:
input{
beats{
port => 5044
ssl => true
ssl_certificate_authorities => ['C:/..location../config/certs/ca.crt']
ssl_key => 'C:/..location../config/certs/logstash.pkcs8.key'
ssl_certificate => 'C:/..location../config/certs/logstash.crt'
}
}
output {
stdout{}
}
This is the config I use in metricbeat:
output.logstash:
hosts: ["0.0.0.0:5044"]
ssl.certificate_authorities: ['C:/..location../config/certs/ca.crt']
***Extra question: If I wanted to change the port, should I change the instance.yml file adding the port to the dns? Like 'localhost:xxxx'