SSL Certs on different nodes


(Nick) #1

The last month we have set up an elk+rabbitmq setup that consists of 2 rabbitmq brokers 4 logstash and 1 elastic+kibana node.

We wanna try out loadbalancing through rabbitmq's to the logstash nodes and then forward to an elastic cluster.

So far the rabbit->logstash->elastic works perfect but without the use of SSL.
We wanted to try out X-Pack for the great things that it offers and right now we are stuck on the cert installation on nodes. I am kind of lost here so i am gonna ask for something dumb here.

Could someone guide me on what i need to do and on which node(each node is a cloud server) to install X-Pack and Certs on each server, so we won't have any server to server communication errors? I am trying to follow the X-Packs guide to elastic-signed Certs but i face huge problems making it work.

What i need is as simple as that:
e.g
Generate the X cert on elastic for a node(e.g logstash1) and copy it to logstash.
Then on logstash.yml add these lines there.
On elastic add these.

etc etc.

Ask for any logs or configurations but at the moment i just need to know the steps to make separate nodes use SSL with those certs for testing.


(Archana ) #2

Hi Nick,

Have you read through the documentation here? https://www.elastic.co/guide/en/x-pack/current/ssl-tls.html
This will help you set up SSL on elasticsearch nodes. Since you want logstash to hit the elasticsearch nodes over SSL, you'll need the same certificate authorities referenced in elasticsearch.yml to be referenced in your logstash.ymls. E.g. xpack.ssl.certificate_authorities: [ "/home/es/config/x-pack/ca.crt" ]

I would suggest first getting this working before setting up SSL on logstash nodes. You may not need it on your logstash nodes, since most likely they are pulling from rabbitmq and pushing to elasticsearch, meaning that no entity is actually hitting the logstash node and attempting to verify its identity.

If you have further questions, please ask. :sunny:

-a5a


(system) #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.