I have the ELK stack installed with filebeat configured on the client machine. How do I go about securing the connection.
I've tried here:-
This comes with a message advising that the key should be certificate type pkcs8. I convert the certificate to pkcs8 and change the config to poin to the .p8 and I receive the same error.
I then try following:-
https://www.elastic.co/guide/en/beats/filebeat/current/configuring-ssl-logstash.html
copying the generated /etc/ca.crt, /etc/client.crt, /etc/client.key files to the client and changing the config to
output.logstash:
hosts: ["logs.mycompany.com:5044"]
ssl.certificate_authorities: ["/etc/ca.crt"]
ssl.certificate: "/etc/client.crt"
ssl.key: "/etc/client.key"
This time I receive an error message advising that the pem file cannot be found, even though it's in the correct location, specified in the config file. I have given the file 0600 permissions.
Has anyone managed to secure the connection?