2

我在笔记本电脑中设置了一个 elsatic 堆栈,并在其中配置了完整堆栈(filebeat、logstash、elasticsearch 和 kibana)。但现在我需要使用 SSL 以安全的方式连接 filebeat 和 logstash。但是在使用我自己创建的自签名证书之后,当我尝试使用以下 curl 请求验证证书时,它会引发以下错误

**curl -v --cacert ca.crt https://localhost:5044**

错误-->

* error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake        failure
* stopped the pause stream!
* Closing connection 0
curl: (35) error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

它给出了上述 sslv3 握手失败。

我已按照以下指南创建可以使用 logstash https://benjaminknofe.com/blog/2018/07/08/logstash-authentication-with-ssl-certificates/配置的自签名证书 我已经按照那些步骤适合我的实现。

这是我从 curl 请求中收到的完整握手输出

* Rebuilt URL to: https://localhost:5044/
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 5044 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: ca.crt
  CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Request CERT (13):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS alert, Server hello (2):
* error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake        failure
* stopped the pause stream!
* Closing connection 0
curl: (35) error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

这是我在 openssl 密钥创建中使用的 logstash.config 文件。我已将通用名称命名为 localhost,因为这就是我在 /etc/hosts 127.0.0.1 localhostt 中映射的方式

[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no

[req_distinguished_name]
countryName                     = XX
stateOrProvinceName             = XXXXXX
localityName                    = XXXXXX
postalCode                      = XXXXXX
organizationName                = XXXXXX
organizationalUnitName          = XXXXXX
commonName                      = localhost
emailAddress                    = XXXXXX

[v3_req]
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names

[alt_names]
DNS.1 = localhost

logstash 输入插件

input {
  beats {
    port => 5044
    ssl => true
    ssl_certificate_authorities => ["/home/ssl/ca.crt"]
    ssl_certificate => "/home/ssl/logstash.crt"
    ssl_key => "/home/ssl/logstash.key"
    #ssl_verify_mode => "force_peer"
    client_inactivity_timeout => 1000
 }
}

我希望已经配置了 logstash 接受的 ssl 证书。但是当我尝试使用 curl reuqests 验证它们时,它们不被接受

4

0 回答 0