Winlogbeat is not accpeting .crt and .key

I am using .crt and .key for authentication of filebeat with logstash. Which is working perfectly fine.

I am using the same certificates for winlogbeat and it is not working as expected.

Followed this doc to create .ca and .crt. It is working fine for the complete cluster encryption but the only winlogbeat is the issue. https://www.elastic.co/blog/configuring-ssl-tls-and-https-to-secure-elasticsearch-kibana-beats-and-logstash

output.logstash:
  enabled: true
  hosts: ["aws-elb:5042"]
  ssl.certificate_authorities: C:\Program Files\winlogbeat\SSL\ca.crt
  ssl.certificate: C:\Program Files\winlogbeat\SSL\ca.crt
  ssl.key: C:\Program Files\winlogbeat\SSL\ca.key`

PFB Error:
`PS C:\Program Files\winlogbeat> .\winlogbeat.exe test config -c .\winlogbeat.yml -e                                                                                                                                                          2020-09-05T20:26:06.928+0530    INFO    instance/beat.go:647    Home path: [C:\Program Files\winlogbeat] Config path: [C:\Program Files\winlogbeat] Data path: [C:\Program Files\winlogbeat\data] Logs path: [C:\Program Files\winlogbeat\logs]
2020-09-05T20:26:06.929+0530    INFO    instance/beat.go:655    Beat ID: 645486f7-e240-41bf-afb7-b6e498cfbb51
2020-09-05T20:26:06.980+0530    INFO    [add_cloud_metadata]    add_cloud_metadata/add_cloud_metadata.go:89     add_cloud_metadata: hosting provider type not detected.
2020-09-05T20:26:06.974+0530    INFO    [beat]  instance/beat.go:983    Beat info       {"system_info": {"beat": {"path": {"config": "C:\\Program Files\\winlogbeat", "data": "C:\\Program Files\\winlogbeat\\data", "home": "C:\\Program Files\\winlogbeat", "logs": "C:\\Program Files\\winlogbeat\\logs"}, "type": "winlogbeat", "uuid": "645486f7-e240-41bf-afb7-b6e498cfbb51"}}}
2020-09-05T20:26:06.980+0530    INFO    [beat]  instance/beat.go:992    Build info      {"system_info": {"build": {"commit": "94f7632be5d56a7928595da79f4b829ffe123744", "libbeat": "7.8.1", "time": "2020-07-21T15:24:38.000Z", "version": "7.8.1"}}}
2020-09-05T20:26:06.980+0530    INFO    [beat]  instance/beat.go:995    Go runtime info {"system_info": {"go": {"os":"windows","arch":"amd64","max_procs":8,"version":"go1.13.10"}}}
2020-09-05T20:26:07.005+0530    INFO    [beat]  instance/beat.go:999    Host info       {"system_info": {"host": {"architecture":"x86_64","boot_time":"2020-09-04T10:07:44.23+05:30","name":"Rahul-Laptop","ip":["fe80::85fc:6009:4c07:653/64","169.254.6.83/16","fe80::8c33:f8c:9a59:28a8/64","169.254.40.168/16","fe80::b44f:1690:20fe:93ea/64","169.254.147.234/16","fe80::61:4ee7:64b4:87fb/64","192.168.239.1/24","fe80::3d99:9b16:e7f6:5495/64","192.168.13.1/24","2405:201:200c:983b:7d21:50b0:560:b187/64","2405:201:200c:983b:b8df:3113:b588:783b/128","fe80::7d21:50b0:560:b187/64","192.168.29.108/24","::1/128","127.0.0.1/8"],"kernel_version":"10.0.18362.1016 (WinBuild.160101.0800)","mac":["8c:ec:4b:26:9f:ec","9e:30:5b:74:30:85","ae:30:5b:74:30:85","00:50:56:c0:00:01","00:50:56:c0:00:08","9c:30:5b:74:30:85"],"os":{"family":"windows","platform":"windows","name":"Windows 10 Home Single Language","version":"10.0","major":10,"minor":0,"patch":0,"build":"18363.1016"},"timezone":"IST","timezone_offset_sec":19800,"id":"0d277410-8e8c-4a5e-ba5c-5dff5a31e7f0"}}}
2020-09-05T20:26:07.006+0530    INFO    [beat]  instance/beat.go:1028   Process info    {"system_info": {"process": {"cwd": "C:\\Program Files\\winlogbeat", "exe": "C:\\Program Files\\winlogbeat\\winlogbeat.exe", "name": "winlogbeat.exe", "pid": 11148, "ppid": 16208, "start_time": "2020-09-05T20:26:06.842+0530"}}}
2020-09-05T20:26:07.007+0530    INFO    instance/beat.go:310    Setup Beat: winlogbeat; Version: 7.8.1
2020-09-05T20:26:07.007+0530    ERROR   [tls]   tlscommon/tls.go:55     Failed reading certificate file C:\Program Files\winlogbeat\SSL\ca.crt: no pem file
2020-09-05T20:26:07.007+0530    ERROR   [tls]   tlscommon/tls.go:156    Failed to add CA to the cert pool, CA is not a valid PEM file
2020-09-05T20:26:07.007+0530    ERROR   instance/beat.go:958    Exiting: error initializing publisher: 2 errors: no pem file C:\Program Files\winlogbeat\SSL\ca.crt; file is not a certificate adding C:\Program Files\winlogbeat\SSL\ca.crt to the list of known CAs
Exiting: error initializing publisher: 2 errors: no pem file C:\Program Files\winlogbeat\SSL\ca.crt; file is not a certificate adding C:\Program Files\winlogbeat\SSL\ca.crt to the list of known CAs
1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.