We just upgraded Logstash to version 5.x, and today we noticed that a TCP connection won't get any certificate information if there is already one established connection.
openssl s_client returns this:
CONNECTED(00000003)
write:errno=104
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 305 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol : TLSv1.2
    Cipher : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1493311011
    Timeout : 300 (sec)
On another server with the exact same build, but without an ESTABLISHED connection to the TCP input plugin port, the same openssl s_client check works well.
Is there any known issue with the TCP plugins like this?
We haven't tried to reproduce this issue on Logstash 2.3.x, but there is more than one ESTABLISHED connection to the TCP port all the time. However, 5.x doesn't seem to allow multiple TCP connections to the TCP input plugin.
PS: We use a self-signed CA and certs/keys, and the CA includes ROOT + Intermediate CA.