New TCP input plugin cannot return SSL certificate information


(Draven Johnson) #1

We just upgraded Logstash to version 5.x, and we noticed today that a TCP connection won't get any certificate information if there is already one established connection.

openssl s_client returns this:

CONNECTED(00000003)
write:errno=104
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 305 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1493311011
    Timeout   : 300 (sec)

On another server with the exact same build, but without an ESTABLISHED connection to the TCP input plugin port, the same openssl s_client check works well.

Is there any known issue with the TCP plugin like this?

We haven't tried to reproduce this issue on the 2.3.x version of Logstash, but there is more than one ESTABLISHED connection to the TCP port all the time. However, 5.x seems not to allow multiple TCP connections to the TCP input plugin.

PS: We use a self-signed CA and certs/keys, and the CA includes ROOT + Intermediate CA.
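
A way to check the symptom reported above without a second terminal, as an added example that is not part of the original thread: it opens TLS connections one after another, keeps the earlier ones open, and records whether each later handshake still returns a server certificate. The names `probe_held_connections` and `resetting_listener` are hypothetical, the local listener is a constructed stand-in that resets every connection the way the `errno=104` output shows, and certificate validation is switched off on the assumption that only the presence of a certificate is being checked.

```python
import hashlib
import socket
import ssl
import struct
import threading

def probe_held_connections(host, port, count=2, timeout=5.0):
    """Open `count` TLS connections in sequence, keeping earlier ones open,
    and record for each whether the server presented a certificate."""
    ctx = ssl.create_default_context()
    # Diagnostic only: inspect the certificate without validating it
    # (assumption: private CA, as in the post). Not for production clients.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    held, results = [], []
    try:
        for n in range(1, count + 1):
            entry = {"conn": n, "handshake": False, "protocol": None,
                     "cert_sha256": None, "error": None}
            try:
                raw = socket.create_connection((host, port), timeout=timeout)
                tls = ctx.wrap_socket(raw, server_hostname=host)  # handshake
                held.append(tls)  # stays ESTABLISHED during the next attempt
                der = tls.getpeercert(binary_form=True)
                entry.update(handshake=True, protocol=tls.version(),
                             cert_sha256=hashlib.sha256(der).hexdigest() if der else None)
            except (OSError, ValueError) as exc:  # SSLError, ECONNRESET (104)
                entry["error"] = f"{type(exc).__name__}: {exc}"
            results.append(entry)
    finally:
        for tls in held:
            tls.close()
    return results

def resetting_listener(accepts):
    """Constructed stand-in for the failing port: accept, then send a reset."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(accepts)
    def run():
        for _ in range(accepts):
            conn, _addr = srv.accept()
            conn.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack("ii", 1, 0))
            conn.close()
    threading.Thread(target=run, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    for row in probe_held_connections("127.0.0.1", resetting_listener(2)):
        print(row)
```

Against a real listener, a first row with `handshake: True` followed by a second row carrying a reset error matches the behaviour described in the post; two successful rows with the same `cert_sha256` mean concurrent connections are being served.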

