从logstash 到elasticsearch 的ssl 连接出现错误。在弹性搜索中,我看到了这个:
> 2019-02-21T15:39:22.488125445Z [2019-02-21T15:39:22,487][WARN
> ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [05w2lDl] http client
> did not trust this server's certificate, closing connection [id:
> 0xc1159c29, L:0.0.0.0/0.0.0.0:9200 ! R:/10.10.0.22:49470]
在logstash我看到这个:
2019-02-21T15:49:26.052155453Z [2019-02-21T15:49:26,051][WARN ][logstash.outputs.elasticsearch] Attempted to resurrect connection to dead ES instance, but got an error. {:url=>"https://elastic:xxxxxx@elasticsearch:443/", :error_type=>LogStash::Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [https://elastic:xxxxxx@elasticsearch:443/][Manticore::ClientProtocolException] PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"}
logstash.conf
output {
elasticsearch {
hosts => [ "https://elasticsearch:443" ]
ssl => true
cacert => '/usr/share/logstash/config/certs/service.crt'
user => 'elastic'
password => ''
}
}
日志存储.yml
http.host : 0.0.0.0
path.config : /usr/share/logstash/pipeline
xpack.monitoring.elasticsearch.ssl.ca : /usr/share/logstash/config/certs/ca.crt
xpack.monitoring.elasticsearch.url : "https://elasticsearch:443"
xpack.monitoring.elasticsearch.username : "logstash_system"
xpack.monitoring.elasticsearch.password : "..."
弹性搜索.yml
xpack.security.http.ssl.enabled : true
xpack.security.transport.ssl.verification_mode : certificate
xpack.security.transport.ssl.enabled : true
xpack.ssl.key : /usr/share/elasticsearch/config/certs/service.key
xpack.ssl.certificate : /usr/share/elasticsearch/config/certs/service.crt
xpack.ssl.certificate_authorities : /usr/share/elasticsearch/config/certs/ca.crt
这些键曾经可以工作...我刚刚从 6.0.0 升级到 6.6.1。
我愿意从证书重新开始,我应该对文档中的密钥库和信任库做些什么吗?有什么想法吗??谢谢,克里斯