Why is the ssl_key_passphrase missing in the plugins-outputs-elasticsearch?

Logstash 8.10

ssl_key_passphrase is Missing.
If we set the SSL certificate, do we have to use the unencrypted key or use a keystore?

Hi @hengya_liu Welcome to the community.

Perhaps looking for...

ssl_keystore_password

You can store that in the logstash keystore if you like

Or are you taking about a password for private key for a .pem encoded certificate?

Interesting I do see

key_passphrase for the filebeat connection to elasticsearch...

Perhaps it is missing from the logstash documentation.

Try
ssl_key_passphrase and see if it works...

It is possible it is not supported in Logstash.. you original question :slight_smile:

Yes, Logstash does not support a ssl key with a passphrase.

You need to use one without a passphrase or use a jks/pk12 keystore.

1 Like

We need to specify the certificate and private key separately (not in keystore form)
So we need to protect the private key.

We tried with ssl_key_passphrase. it does not work.
I also checked with the source code. ssl_key_passphrase is also missing in the source code.

1 Like

OK, understood. Thanks for your reply.

@hengya_liu Apologies Yes I just looked at the code it's ruby and is not supported as @leandrojmp said...

OK. We will switch to the format that uses keystore (p12). Thanks a lot.

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.