Setting up Secure connection between Filebeat and Logstash

Elastic stack version: 7.2.0

I want to setup a secure connection.

First, I generated the certificates with:

Got : ca.crt, instance.crt, instance.key

Then set filebeat.yml

hosts: ['localhost:5044']
ssl.certificate_authorities: ['D:\Elastic\AppLogs\ssl\ca.crt']
ssl.certificate: 'D:\Elastic\AppLogs\ssl\instance.crt'
ssl.key: 'D:\Elastic\AppLogs\ssl\instance.key'

Then logstash-pipeline.conf

ssl => true
ssl_certificate_authorities => ['D:\Elastic\AppLogs\ssl\ca.crt']
ssl_certificate => 'D:\Elastic\AppLogs\ssl\instance.crt'
ssl_key => 'D:\Elastic\AppLogs\ssl\instance.key'
ssl_verify_mode => "force_peer"

When run the logstash, produced error:

Looks like you either have a bad certificate, an invalid key or your private key was not in PKCS8 format.

Switch the instance.key to pkcs8 with:

openssl pkcs8 -in privatekey.key -topk8 -nocrypt -out privatekey.p8

Update filebeat.yml and logstash-pipeline.conf accordingly.
Run again logstash & filebeat, produced error:

Handling exception: error:10000412:SSL routines:OPENSSL_internal:SSLV3_ALERT_BAD_CERTIFICATE

Please help me.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.