SunCertPathBuilderException in Logstash Running Elasticsearch in Docker

I am running Elasticsearch in docker. I am trying to hit port 5044 from my browser (or from anywhere). My error is as follows:

sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

My logstash.conf file looks like:

input {
  beats {
    port => 5044
  }
}

output {
  elasticsearch {
    hosts => ["https://localhost:9200"]
    index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
    #user => "elastic"
    #password => "changeMe"
  }
}

My logstash file is all commented out.

I have never used keytool before but gave it a try using the cert I copied out of the Elasticsearch container:

sudo keytool -importcert -file ./http_ca.crt

It did not work. Can anyone help?

Thanks,
Jason

I meant my logstash.yml file is all commented out.

For more information, I am able to hit logstash port 9600 with Firefox I cannot with https://localhost:5044 which gives me Secure Connection Failed. With http://localhost:5044 I get The connection was reset.

Why?

To verify it is working.

Correct me if I am wrong but doesn't elasticsearch need to talk to logstash via port 5044?

No, Elasticsearch does not talk to Logstash, it is the other way.

In the pipeline you shared you have a beats input listening in port 5044 and a elasticsearch output, this means that logstash will listen for connections from any beats application on port 5044 and will send it to elasticsearch, on the configured port 9200.

Trying to access port 5044 in logstash will not work as you need to use a beat to send data, like filebeat, metricbeat, winlogbeat etc.

You can however test the connection using telnet.

Thanks for the answer my full exception with more information is as follows:

[https://localhost:9200/][Manticore::ClientProtocolException] PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target