Upgrarding from logstash 5.6.16 to 6.8 results in errors for logstash tcp input plugin

After upgrading the logstash version from 5.6.16 to 6.8, the logstash tcp plugin from 4.2.2 to 5.2.2

After upgrade, we do see the following errors in the logstash logs:
[2021-04-16T01:14:50,392][ERROR][logstash.inputs.tcp ] Error in Netty pipeline: io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: error:10000418:SSL routines:OPENSSL_internal:TLSV1_ALERT_UNKNOWN_CA

The configuration for tcp input plugin is as follows:

# 08-input-tls-syslog-6514.conf
# This expects TLS syslog input on port 6514.
input {
  tcp {
    id => tls_syslog
    tags => [ "input_tls", "syslog" ]
    port => 6514
    ssl_enable => true
    ssl_cert => "/etc/pki/XXXX/sand-006-green.crt"
    ssl_extra_chain_certs => ["/etc/pki/XXXX/ca-bundle.crt", "/etc/pki/XXXX/XXXX-hosts-naw01.crt" ]
    ssl_key => "/etc/pki/XXXX/sand-006-green.key"
    ssl_verify => false
    codec => plain {
      charset => "ISO8859-16"
    }
  }
}

The same configuration worked fine with logstash version 5.6.16.

Based on the changelogs for the http tcp plugin, no changes were needed during the upgrade of the plugin version from 4.2.2 to 5.2.2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.