Mutual tls between fluentd(act as client) and elasticsearch(act as server)

Hi

I am trying to establish mutual tls between fluentd and elasticsearch.
I have followed steps described in https://www.elastic.co/guide/en/elasticsearch/reference/8.7/security-basic-setup.html#generate-certificates
at https://www.elastic.co/guide/en/elasticsearch/reference/8.7/security-basic-setup.html#encrypt-internode-communication and
https://www.elastic.co/guide/en/elasticsearch/reference/8.7/security-basic-setup-https.html#encrypt-http-communication

What other steps should I follow in order to establish mTLS?
Thank you in advance!

Hi

Could you please help here?!

Hi @Voula_Mikr

We need a bit more....

Do you alreay have elasticsearch running with TLS on the HTTP interface?

You need to show us your elasticsearch.yml and the settings

You will need to set

xpack.security.http.ssl.client_authentication: optional

xpack.security.http.ssl.client_authentication
(Static) Controls the server’s behavior in regard to requesting a certificate from client connections. Valid values are required, optional, and none. required forces a client to present a certificate, while optional requests a client certificate but the client is not required to present one. Defaults to none.

You will need to setup the path to the client side CA / Cert (honestly I am a bit fuzzy on that, perhaps I can look at that later today at some point)

Then the rest should be on the fluentd side, which some folks here may be familiar with but you may need to visit the fluent forum.

So back to the first question do you have elasticsearch set up with TLS?

Have you verified that with curl?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.