RabbitMQ Input plugin: PKIX path building failed in Logstash 6.8.15

Problem statement
Hi guys,

I have upgraded Logstash from 6.2.2 to 6.5.0. Post that I receive the following error when trying to configure logstash client certificates:

[2018-12-10T22:10:32,949][ERROR][logstash.inputs.rabbitmq ] RabbitMQ connection error, will retry. {:error_message=>"sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target", :exception=>"Java::JavaxNetSsl::SSLHandshakeException"}

Steps to reproduce:

1. Build server from scratch with java, logstash, and certificate signed by my own ca
2. Create pkcs12 certificate:
   openssl pkcs12 -export -out LOGSTASH-1.p12 -inkey LOGSTASH-1.key -in LOGSTASH-1.crt -passout pass:test
3. Update trustStore:
   keytool -import -alias RMQ-master.cert -file /etc/logstash/RMQ-master.crt -keystore /opt/jre1.8.0_65/lib/security/cacerts -storepass changeit -v
4. Start logstash

Troubleshooting so far:

- Downgraded from JRE 8_0_191 to JRE 8_0_65
- Imported both ca.crt and RMQ-master.crt to trustStore
- Added ca.crt to p12 certificate
- Added RMQ-master.crt to p12 certificate
- Added the following to /etc/logstash/jvm.options:
  -Djavax.net.ssl.trustStore=/opt/jre1.8.0_65/lib/security/cacerts
  -Djavax.net.ssl.trustStorePassword=changeit

Nothing seems to be working. Can anyone help me figure out what I'm doing wrong?

Logstash version: 6.5.2
Operating System: AWS Linux
Config File:
input {
  rabbitmq {
    user => "username"
    password => "pwd"
    queue => "queue_1"
    host => "localhost"
    port => 5671
    durable => true
    ssl => true
    ssl_certificate_path => "/pathtocertificate/client_certificate.p12"
    ssl_certificate_password => "xxxxx"
  }
}

filter {
  json {
    source => "message"
    target => "message"
  }

  if [pipeline] {
    if "queue_1" in [pipeline] {
      mutate {
        add_field => { "[@metadata][_index]" => "indexname" }
        add_field => { "[@metadata][_type]" => "history" }
      }
      date {
        match => [ "updateTime", "yyyy-MM-dd HH:mm:ssZ" ]
      }
    }
  } else {
    mutate {
      add_field => { "[@metadata][_index]" => "logstash-%{+YYYY.MM.dd}" }
      add_field => { "[@metadata][_type]" => "log" }
    }
  }
}
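
Added example, not part of the original post: an offline openssl check of whether a PKCS#12 bundle built with the export command above carries a CA certificate that verifies a given broker certificate. The CAs (lab-ca, other-ca), the other-broker certificate and all function names are constructed for this sketch, and it inspects only the bundle's contents, not which trust store Logstash or the JVM consults.

```shell
#!/usr/bin/env bash
# Constructed lab: all keys, certificates and CA names are generated here in a
# temp dir; only the file names LOGSTASH-1 / RMQ-master echo the post.
LAB=$(mktemp -d)

# make_ca <name>: self-signed CA (key + certificate).
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 2 -subj "/CN=$1" \
    -keyout "$LAB/$1.key" -out "$LAB/$1.crt" 2>/dev/null
}

# issue <ca> <name>: key and certificate for <name>, signed by <ca>.
issue() {
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$2" \
    -keyout "$LAB/$2.key" -out "$LAB/$2.csr" 2>/dev/null
  openssl x509 -req -in "$LAB/$2.csr" -CA "$LAB/$1.crt" -CAkey "$LAB/$1.key" \
    -CAcreateserial -days 2 -out "$LAB/$2.crt" 2>/dev/null
}

# make_p12 <name> [ca.crt]: the post's export command, optionally with a CA
# certificate bundled via -certfile.
make_p12() {
  openssl pkcs12 -export -out "$LAB/$1.p12" -inkey "$LAB/$1.key" \
    -in "$LAB/$1.crt" ${2:+-certfile "$2"} -passout pass:test
}

# p12_anchors <p12> <cert>: succeeds when a CA certificate stored in the
# bundle verifies <cert>; fails when the bundle holds no such CA.
p12_anchors() {
  cas="$LAB/cas.$$.pem"
  openssl pkcs12 -in "$1" -cacerts -nokeys -passin pass:test 2>/dev/null \
    | sed -n '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > "$cas"
  [ -s "$cas" ] && openssl verify -CAfile "$cas" "$2" >/dev/null 2>&1
}

make_ca lab-ca;   issue lab-ca LOGSTASH-1; issue lab-ca RMQ-master
make_ca other-ca; issue other-ca other-broker
make_p12 LOGSTASH-1 "$LAB/lab-ca.crt"

for c in RMQ-master other-broker; do
  if p12_anchors "$LAB/LOGSTASH-1.p12" "$LAB/$c.crt"; then
    echo "$c: chains to a CA in the bundle"
  else
    echo "$c: no CA in the bundle verifies it"
  fi
done
```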
