Valid certificate from filebeat to logstash


I am trying to configure TLS communication across the whole ELK stack. I have already configured TLS between Logstash and Elasticsearch and between Elasticsearch and Kibana. But when I try to configure secure communication between Filebeat and Logstash with the same certificate used before, it gives me errors and does not let me configure the secure communication.

I got two different errors. The first one occurs with exactly the same certificate used in the Elasticsearch and Kibana communication:

    [2019-03-20T09:33:13,469][ERROR][ ] Looks like you either have a bad certificate, an invalid key or your private key was not in PKCS8 format.
    [2019-03-20T09:33:13,548][WARN ][] Failed to initialize a channel. Closing: [id: 0xb5596e7e, L:/ - R:/]
    Caused by: Neither RSA, DSA nor EC worked
    Caused by: IOException : algid parse error, not a sequence
    Caused by: IOException : algid parse error, not a sequence

And if I try to translate the key format to PKCS8, a new error occurs:

    [2019-03-20T09:22:54,663][INFO ][] [local:, remote: 0:0:0:0:0:0:0:1:52196] Handling exception: error:10000412:SSL routines:OPENSSL_internal:SSLV3_ALERT_BAD_CERTIFICATE
    [2019-03-20T09:22:54,664][WARN ][] An exceptionCaught() event was fired, and it reached at the tail of the pipeline. It usually means the last handler in the pipeline did not handle the exception.
    io.netty.handler.codec.DecoderException: error:10000412:SSL routines:OPENSSL_internal:SSLV3_ALERT_BAD_CERTIFICATE
            at [?:1.8.0_201]
    Caused by: error:10000412:SSL routines:OPENSSL_internal:SSLV3_ALERT_BAD_CERTIFICATE
            at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.shutdownWithError( ~[netty-all-4.1.18.Final.jar:4.1.18.Final]
            at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.sslReadErrorResult( ~[netty-all-4.1.18.Final.jar:4.1.18.Final]

Which certificates do I need to correctly configure the secure communication between Filebeat and Logstash?

I am leaving the configuration I used in Filebeat and Logstash here in case I wrote something incorrect there:


    # Logstash pipeline: beats input
    input {
      beats {
        port => 5044
        ssl => true
        ssl_certificate => '/elastic/config/certs/tls.crt'
        ssl_certificate_authorities => ["/elastic/config/certs/ca.crt"]
        #ssl_key => '/elastic/config/certs/tls.p8'
        ssl_key => '/elastic/config/certs/tls.key'
      }
    }


    # Filebeat (filebeat.yml excerpt)
    # Optional SSL. By default is off.
    # List of root certificates for HTTPS server verifications
    ssl.certificate_authorities: ["/elastic/config/certs/ca.crt"]

    # Certificate for SSL client authentication
    ssl.certificate: "/elastic/config/certs/tls.crt"

    # Client Certificate Key
    #ssl.key: "/elastic/config/certs/tls.p8"
    ssl.key: "/elastic/config/certs/tls.key"

If you need anything else please let me know.
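
The first error above, as an added example that is not part of the original post: Java reports "algid parse error, not a sequence" when the key file holds a PKCS#1 RSA key, whose second DER field is an INTEGER where PKCS#8 expects the AlgorithmIdentifier SEQUENCE. This Python check classifies a PEM private key by that field; the function names and the toy DER samples are constructed for illustration and are not usable keys.

```python
import base64
import re

PEM_RE = re.compile(r"-----BEGIN ([A-Z ]+)-----\s*(.*?)\s*-----END \1-----", re.S)

def _read_tlv(buf, pos):
    """Return (tag, value_start, value_end) for the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def classify_private_key(pem_text):
    """Classify a PEM private key by its PEM label and DER layout."""
    m = PEM_RE.search(pem_text)
    if not m:
        raise ValueError("no PEM block found")
    label, body = m.groups()
    if label == "ENCRYPTED PRIVATE KEY" or "Proc-Type:" in body:
        return "encrypted"                 # cannot inspect the layout without the passphrase
    der = base64.b64decode("".join(body.split()))
    outer, start, _ = _read_tlv(der, 0)
    if outer != 0x30:
        raise ValueError("outer element is not a SEQUENCE")
    version, _, end = _read_tlv(der, start)
    if version != 0x02:
        raise ValueError("first field is not an INTEGER version")
    second = _read_tlv(der, end)[0]        # the field a PKCS#8 parser reads as the algid
    return {0x30: "pkcs8",                 # AlgorithmIdentifier SEQUENCE
            0x02: "pkcs1-rsa",             # RSA modulus INTEGER: "algid ... not a sequence"
            0x04: "sec1-ec"}.get(second, "unknown")  # EC privateKey OCTET STRING

def _der(tag, value):                      # builds the constructed samples below
    n = len(value)
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x81, n])) + value

def _pem(label, der):
    return f"-----BEGIN {label}-----\n{base64.b64encode(der).decode()}\n-----END {label}-----\n"

# Constructed toy structures: correct outer layout only, NOT real keys.
_V0 = _der(0x02, b"\x00")
_RSA_ALGID = _der(0x30, _der(0x06, bytes.fromhex("2a864886f70d010101")) + _der(0x05, b""))
TOY_PKCS1 = _pem("RSA PRIVATE KEY", _der(0x30, _V0 + _der(0x02, b"\x00" + b"\xc5" * 128)))
TOY_PKCS8 = _pem("PRIVATE KEY", _der(0x30, _V0 + _RSA_ALGID + _der(0x04, b"\x00")))
TOY_SEC1 = _pem("EC PRIVATE KEY", _der(0x30, _der(0x02, b"\x01") + _der(0x04, b"\x11" * 32)))

if __name__ == "__main__":
    for name, pem in [("tls.key-like", TOY_PKCS1), ("tls.p8-like", TOY_PKCS8)]:
        print(name, "->", classify_private_key(pem))
```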

