Unable to find valid certification path to requested target

osher.l · May 11, 2021, 12:06pm

We have ELK stack on Kubernetes(version 7.0.0), Logstash is failing to interact with elasticsearch with the following warning and errors, all other components like filebeat and kibana are well functioning.

[2021-05-11T11:45:21,872][WARN ][logstash.licensechecker.licensereader] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"https://xxxx:xxxxxx@elasticsearch:9200/", :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [https://xxxx:xxxxxx@elasticsearch:9200/][Manticore::ClientProtocolException] PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"}
[2021-05-11T11:45:22,042][WARN ][logstash.licensechecker.licensereader] Marking url as dead. Last error: [LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError] Elasticsearch Unreachable: [https://xxxx:xxxxxx@elasticsearch:9200/][Manticore::ClientProtocolException] PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target {:url=>https://osher:xxxxxx@elasticsearch:9200/, :error_message=>"Elasticsearch Unreachable: [https://xxxx:xxxxxx@elasticsearch:9200/][Manticore::ClientProtocolException] PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target", :error_class=>"LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError"}
[2021-05-11T11:45:22,053][ERROR][logstash.licensechecker.licensereader] Unable to retrieve license information from license server {:message=>"Elasticsearch Unreachable: [https://xxxx:xxxxxx@elasticsearch:9200/][Manticore::ClientProtocolException] PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"}

The elaticsearch output plugin from logstash.conf:

 elasticsearch {
                hosts => "${ELASTICSEARCH_HOST}"
                user => "${ELASTICSEARCH_USERNAME}"
                password => "${ELASTICSEARCH_PASSWORD}"
                ssl => true
                cacert => "/usr/share/logstash/config/certs/elasticsearch-ca.pem"
                ilm_rollover_alias => "development"
                ilm_pattern => "000001"
                ilm_policy => "dev-policy"
            }

Will appreciate your assistance,

system · June 8, 2021, 12:06pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Error unable to find valid certification path Logstash	12	38455	June 9, 2021
Unable to find valid certification path to requested target while trying to implement HTTPS Elasticsearch docker	1	1642	June 29, 2021
Logstash cant connect to Elasticsearch Logstash	2	1039	May 7, 2019
Attempted to resurrect connection to dead ES instance Logstash	3	777	December 11, 2022
API Connect offloading to ElasticSearch Error Logstash	4	165	May 2, 2024

Unable to find valid certification path to requested target

Related Topics