Elastic stack version: 7.2.0
I want to setup a secure connection.
First, I generated the certificates with:
bin/elasticsearch-certutil
Got : ca.crt, instance.crt, instance.key
Then set filebeat.yml
output.logstash: hosts: ['localhost:5044'] ssl.certificate_authorities: ['D:\Elastic\AppLogs\ssl\ca.crt'] ssl.certificate: 'D:\Elastic\AppLogs\ssl\instance.crt' ssl.key: 'D:\Elastic\AppLogs\ssl\instance.key'
Then logstash-pipeline.conf
ssl => true ssl_certificate_authorities => ['D:\Elastic\AppLogs\ssl\ca.crt'] ssl_certificate => 'D:\Elastic\AppLogs\ssl\instance.crt' ssl_key => 'D:\Elastic\AppLogs\ssl\instance.key' ssl_verify_mode => "force_peer"
When run the logstash, produced error:
Looks like you either have a bad certificate, an invalid key or your private key was not in PKCS8 format.
Switch the instance.key to pkcs8 with:
openssl pkcs8 -in privatekey.key -topk8 -nocrypt -out privatekey.p8
Update filebeat.yml and logstash-pipeline.conf accordingly.
Run again logstash & filebeat, produced error:
Handling exception: javax.net.ssl.SSLHandshakeException: error:10000412:SSL routines:OPENSSL_internal:SSLV3_ALERT_BAD_CERTIFICATE
Please help me.