TLS enabled in logstash . NO certificates for Filebeat. Is it possible to connect

rijinmp · December 11, 2018, 9:54am

HI All ,

TLS enabled in logstash . But i dont have any certificates for filebeat.

Is it possible to connect filebeat to a TLS enabled logstash without a certificate.

I have certificates for logssash and certificate authorities (CA)

Thanks.

Logstash conf file:

input{

beats

  { port => "5044"

      tags => [ "Logstash1" ]
           codec => "json"

           ssl => true
           ssl_certificate_authorities => ["/etc/logstash/certs/CA.crt"]
           ssl_certificate => "/etc/logstash/certs/logstash.crt"
           ssl_key => "/etc/logstash/certs/logstash.key"
           ssl_verify_mode => "force_peer"

         }

 }

FileBeat:

  output.logstash:

         hosts: ["https://logstaship1:5044","https://logstaship2:5044"]
         loadbalance: true

         ssl.certificate_authorities: ["/etc/filebeat/certs/CA.crt"]

rijinmp · December 14, 2018, 9:13pm

HI All ,

I go the solution . In Logstash conf file use ssl_verify_mode => "peer"

Sample:

input{

beats
{ port => "5044"

           tags => [ "Logstash1" ]
           codec => "json"
           ssl => true
           ssl_certificate_authorities => ["/etc/logstash/certs/CA.crt"]
          ssl_certificate => "/etc/logstash/certs/logstash.crt"
          ssl_key => "/etc/logstash/certs/logstash.key"
          ssl_verify_mode => "peer"


         }

}

This type of conf doesn ask certificates from FIlebeat.

system · January 11, 2019, 9:13pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.