Getting below error in Logstash when filebeat tries to publish logs to Logstash
“Looks like you either have an invalid key or your private key was not in PKCS8 format.”
I followed guidelines in the docs:
I have copied the SSL certs with Server authentication on all the Logstash nodes
- The certificates contains subject alternative names (SAN) that correspond to the dns names of all the logstash nodes
port => 5044 ssl => true ssl_certificate_authorities => ["/etc/logstash/ssl/ca.crt"] ssl_certificate => "/etc/logstash/ssl/server.crt" ssl_key => "/etc/logstash/ssl/server.key" ssl_verify_mode => "force_peer"
I have also copied the SSL certs with client authentication, where filebeat is installed .
- The certificate contains the CNAME that correspond to the dns names of the application server where filebeat is installed.
output.logstash: ssl.enabled: true ssl.verification_mode: full ssl.certificate_authorities: ["/etc/pki/root/ca.crt"] ssl.certificate: "/etc/pki/client/cert.crt" ssl.key: "/etc/pki/client/cert.key"
All the certs are signed by common CA.
They are in PEM format.
Any advice, what could be missing or wrong here.?