Secure logstash connection to elasticsearch

I follow the tutorial(Install Elasticsearch with Docker | Elasticsearch Guide [8.8] | Elastic) creating certs in the docker-compose.yml services setup.

And I follow the guide to config logstash scure Secure your connection to Elasticsearch | Logstash Reference [8.8] | Elastic

output {
  elasticsearch {
    hosts => ["https://...] 
    cacert => "/usr/share/logstash/certs/ca/ca.crt"

and mount the volum in the docker-compose.yml.

      - certs:/usr/share/logstash/config/certs

When I start the logstash, it says File does not exist or cannot be opened /usr/share/logstash/config/certs/ca/ca.crt

But I enter the logstash container, the /usr/share/logstash/config/certs dir has been there.
When I cd /usr/share/logstash/config/certs, it says "bash: cd:/usr/share/logstash/config/certs: Permission denied".

I guss this is the reason why it occurred the error that "File does not exist or cannot be opened /usr/share/logstash/config/certs/ca/ca.crt".

So, how could I solve this problem.

Hi @PeroWong,

Welcome to the community! It does look to me like a permissions issue as you say. Can you check the file permissions on the certs file to ensure logstash has access to the folder and file?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.