Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ssl_key option missing in lumberjack output #1

Open
jordansissel opened this issue May 17, 2015 · 1 comment
Open

ssl_key option missing in lumberjack output #1

jordansissel opened this issue May 17, 2015 · 1 comment

Comments

@jordansissel
Copy link
Contributor

(This issue was originally filed by @zabbal at elastic/logstash#2126)


There's significant difference between logstash-forwarder and logstash when it comes to ssl configuration:
forwarder supports following options - ssl_certificate, ssl_key, ssl_ca - which are pretty-much self-explanatory
However if I want to ship logs from one logstash to another it becomes much tricker: there is only single "ssl_certificate" option with no example or explanation in the docs I've found so far.
How should I supply private key for ssl certificate for logstash sender?
How will logstash sender verify receiver certificate without option for CA certificate?

I've found numerous toy configuration examples which are of not much use because I'd like to roll out logstash for production setup - which means we already have CA issuing proper certificates for both logstash instances, sender and receiver.

Would be nice to have an example of shipping logs from one logstash to another in a secure way. Ideally, the option names should be compatible between logstash-forwarder and logstash so migration between those 2 would be as easy as possible.

@natefaerber
Copy link

bump. What's the status of this issue reported by @zabbal? Does the certificate file need the key embedded in it? (I guess I can test that.) Will 1.5.0 Lumberjack output work against a 1.4.2 Lumberjack input?

@jordansissel , I believe you requested people to start using full logstash client instead of logstash-forwarder at the SF Elasticon this year. Is the goal still to replace logstash-forwarder with the full logstash client? If so, is Lumberjack part of that?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants