We just upgraded Logstash to version 5.x, and we noticed today that a TCP connection won't get any certificate information if there is already one established connection.
openssl s_client returns this:
CONNECTED(00000003)
write:errno=104
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 305 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1493311011
Timeout : 300 (sec)
On another server with the exact same build, but without an ESTABLISHED connection to the TCP input plugin port, the same openssl s_client check works well.
Is there any known issue with the TCP plugins that causes this?
We haven't tried to reproduce this issue on the 2.3.x version of Logstash, but there is more than one ESTABLISHED connection to the TCP port all the time. However, 5.x doesn't seem to allow multiple TCP connections to the TCP input plugin.
PS: We use a self-signed CA and certs/keys, and the CA includes ROOT + Intermediate CA.
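
A triage sketch for output like the one quoted above, added here as an example and not part of the original post: it parses openssl s_client output and reports how far the handshake got. The errno names assume Linux, the function names are hypothetical, and the sample is constructed from the quoted lines.

```python
import re

# Linux errno values that s_client may report as "write:errno=N" / "read:errno=N".
LINUX_ERRNO = {32: "EPIPE", 104: "ECONNRESET", 110: "ETIMEDOUT", 111: "ECONNREFUSED"}

# Constructed sample: the relevant lines of the output quoted in the post.
SAMPLE = """\
CONNECTED(00000003)
write:errno=104
---
no peer certificate available
---
SSL handshake has read 0 bytes and written 305 bytes
---
New, (NONE), Cipher is (NONE)
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
"""

def parse_s_client(text):
    """Extract the fields that show how far the handshake got."""
    err = re.search(r"^(?:read|write):errno=(\d+)", text, re.M)
    io = re.search(r"SSL handshake has read (\d+) bytes and written (\d+) bytes", text)
    cipher = re.search(r"Cipher is (\S+)", text)
    return {
        "tcp_connected": "CONNECTED(" in text,
        "errno": int(err.group(1)) if err else None,
        "bytes_read": int(io.group(1)) if io else None,
        "bytes_written": int(io.group(2)) if io else None,
        "peer_cert": "no peer certificate available" not in text,
        "cipher": cipher.group(1) if cipher else None,
    }

def classify(f):
    """Map parsed fields to the stage at which the connection failed."""
    if not f["tcp_connected"]:
        return "tcp-connect-failed"
    if f["bytes_read"] == 0 and f["bytes_written"]:
        # ClientHello was sent and not one byte came back: the peer closed or
        # reset before any ServerHello/Certificate, so chain checks never ran.
        name = LINUX_ERRNO.get(f["errno"], "closed")
        return f"no-server-response-after-clienthello ({name})"
    if not f["peer_cert"] or f["cipher"] == "(NONE)":
        return "handshake-aborted-midway"
    return "handshake-completed"

if __name__ == "__main__":
    print(classify(parse_s_client(SAMPLE)))
```

The "Protocol : TLSv1.2" and "Cipher : 0000" lines in the SSL-Session block are printed even when nothing was negotiated, which is why the classification relies on the byte counts and the "Cipher is" line instead.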