Secure Communication Between Filebeat and Logstash

aditya_soni · October 3, 2017, 11:47am

Hi All,

I am trying to configuring the secure communication between Logstash and Filebeat by the reference of
the link provided https://www.elastic.co/guide/en/beats/filebeat/current/configuring-ssl-logstash.html#testing-ssl-logstash

These is my Filebeat.yml file-

    filebeat.prospectors: 
      - 
        document_type: gatewaylogs
        input_type: log
        paths: "C:/Users/ak250751/Documents/My Received Files/GatewayService-Processor.Transactions-20170830.slog"
    output.logstash: 
      hosts: 
        - "153.53.32.69"
      ssl.certificate: "C:/Certificate/FileBeateCert/Certs~/ca/ca.crt"
      ssl.certificate_authorities: 
        - "C:/Certificate/FileBeateCert/Certs~/FilebeatServer/FilebeatServer.crt"
      ssl.key: "C:/Certificate/FileBeateCert/Certs~/FilebeatServer/FilebeatServer.key"

And this is my Logstash Config File:-1:

input{
  beats{
    port=>5043
    ssl => true
    ssl_certificate_authorities => ["E:\ELK-STACK\filebeat-5.5.1-windows-x86_64\filebeat-5.5.1-windows-x86_64\etc\ca.crt"]
    ssl_certificate => "E:\ELK-STACK\filebeat-5.5.1-windows-x86_64\filebeat-5.5.1-windows-x86_64\etc\LogstashClient.crt"
    ssl_key => "E:\ELK-STACK\filebeat-5.5.1-windows-x86_64\filebeat-5.5.1-windows-x86_64\etc\LogstashClient.key"
    ssl_verify_mode => "force_peer"
	}

This is my instance.yml file , which i used for creating certificate using certgen tool-

instances:
  - name: "FilebeatServer" 
    ip: 
      - "153.53.32.69"
  - name: "LogstashClient"
    ip:
      - "153.53.41.26"

So by using command - xpack/bin/certgen -in instance.yml i got three folders.

a) FilebeatServer- contains- .crt and .key file.
b) LogstashServer- conatins- .crt and .key file.
c) ca- contains ca.crt and ca.key,

So on doing all the above configuration,

On starting the Filebeat Service I am getting the following Error-

2017/10/03 10:14:10.381631 outputs.go:102: ERR failed to initialize logstash plugin as output: 1 error: tls: private key does not match public key
2017/10/03 10:14:10.383637 beat.go:339: CRIT Exiting: error initializing publisher: 1 error: tls: private key does not match public key
Exiting: error initializing publisher: 1 error: tls: private key does not match public key

I thought i am doing configuration of certificates in a wrong manner.
please suggest me the way.

Thanks.

system · October 31, 2017, 11:47am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
SSL Communication Elasticsearch	2	393	May 24, 2018
Filebeat encrypted communication to Logstash Beats	3	369	July 31, 2020
Filebeat cannot connect to Logstash using ssl. curl: (35) TCP connection reset by peer Beats filebeat	3	1655	January 14, 2020
How to configure SSL connection between Logstash and Filebeat Logstash	3	1474	March 9, 2018
Debug Errors while setting up SSL communication between Filebeat and Logstash Beats filebeat	7	7158	December 15, 2017

Secure Communication Between Filebeat and Logstash

These is my Filebeat.yml file-

Related topics