Rabbitmq input with cipher

piyush · March 30, 2017, 7:01pm

Hi Team,
We setup Rabbitmq and configured logstash to read messages from queue. The configurations was working fine and now we updated Rabbitmq to accept only TLSv1.2,TLSv1.1 with specific ciphers. After this logstash can't read the messages and throwing below error.

Also installed "logstash-filter-cipher plugin" and configure it to decrypt ciphers.

We validated certs and CAs are trusted, can you suggest what else we can test to find out missing link?

Can you help reading inputs from Rabbitmq?

Received fatal alert: protocol_version {:class=>"Java::JavaxNetSsl::SSLException", :location=>"sun.security.ssl.Alerts.getSSLException(sun/security/ssl/Alerts.java:208)", :level=>:warn, :file=>"logstash/inputs/rabbitmq.rb", :line=>"180", :method=>"register"}

Thanks & Regards,

piyush · March 31, 2017, 5:50pm

Please respond.

Updated logstash.conf for all ciphers, JAVA for cacerts and RabbitMq certs as well but still getting sslException:

Received fatal alert: protocol_version {:class=>"Java::JavaxNetSsl::SSLException", :location=>"sun.security.ssl.Alerts.getSSLException(sun/security/ssl/Alerts.java:208)", :level=>:warn, :file=>"logstash/inputs/rabbitmq.rb", :line=>"180", :method=>"register"}

PFB: Logstash configurations:

input{
rabbitmq {
host => "DNS"
port => 5671
queue => "que"
user => "test"
password => "test"
durable => true
ssl => true
verify_ssl => true
type => logs
}
}
filter {
cipher {
algorithm => "xyz"
mode => "decrypt"
}
cipher {
algorithm => "pqr"
mode => "decrypt"
}
}
output {
stdout { codec => rubydebug }
}

RabbitMq conf:

         {versions, ['tlsv1.2', 'tlsv1.1']},
         {ciphers, ["xyz", "pqr",]},
         {fail_if_no_peer_cert,false}]}

Thanks & Regards,

piyush · April 6, 2017, 6:44pm

May i request for a response?

Please note that its a blocker and any help would be appreciated. Moreover i verified certificates, this error is due to TLS1.2 implementation.

In the meantime i tried with multiple versions and plugins, but no luck.

logstash-core-plugin-api-1.8.0-java.gem
logstash-codec-json-2.1.4.gem
logstash-input-rabbitmq-4.1.0.gem
logstash-filter-cipher-2.0.2.gem

system · May 4, 2017, 6:45pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.