I'm trying to send logs directly to elasticsearch from Velocirpator, but I'm getting the below error when enabled xpack security features.

below is my elastic config file

---------------------------------- Security -----------------------------------
Configure Security Settings
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: none
xpack.security.transport.ssl.client_authentication: required
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/elastic-stack-ca.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: /etc/elasticsearch/http.p12

Generated error when data being forwarded

*'[2021-09-08T12:37:06,775][WARN ][o.e.h.AbstractHttpServerTransport] [ELK-1] c**aught exception while handling client http traffic, closing connection Netty4HttpChannel{localAddress=/192.168.119.136:9200, remoteAddress=/192.168.119.134:55539}***

io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: Received fatal alert: **bad_certificate***

at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:471) ~[netty-codec-4.1.49.Final.jar:4.1.49.Final]*

Welcome to our community!

Can you please adjust your formatting as it's very hard to follow what's happening

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.