Can't get nxlog to logstash working with SSL


I bought a certificate from DigiCert, so I got the files DigiCertCA.crt, mydomain_com.crt and mydomain_com.key.

I changed my logstash config to this:

tcp {
    type => "AppLog"
    port => 5656
    host => "mydomain.com"
    ssl_cacert => "C:/Certificates/DigiCertCA.crt"
    ssl_cert => "C:/Certificates/mydomain_com.crt"
    ssl_key => "C:/Certificates/mydomain_com.key"
    ssl_enable => true
    ssl_verify => true
}
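Then I changed my nxlog config to (running on a different machine):

Which looks fine.

Is there any way to find out what the actual problem is? Am I doing something wrong?

Edit: Of course, I forgot the error messages. On the nxlog client sending to logstash: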

2015-09-04 16:17:21 INFO nxlog-ce-2.9.1347 started
2015-09-04 16:17:21 INFO connecting to mydomain.com:5960
2015-09-04 16:17:21 INFO successfully connected to mydomain.com:5960
2015-09-04 16:17:21 INFO reconnecting in 1 seconds
2015-09-04 16:17:21 ERROR SSL certificate verification failed: unable to get issuer certificate (err: 2)
2015-09-04 16:17:22 INFO connecting to mydomain.com:5960
2015-09-04 16:17:22 INFO successfully connected to mydomain.com:5960
2015-09-04 16:17:22 INFO reconnecting in 1 seconds
2015-09-04 16:17:22 ERROR SSL certificate verification failed: unable to get issuer certificate (err: 2)
On the logstash server:

{:timestamp=>"2015-09-04T16:25:52.976000+0200", :message=>"SSL Error", :exception=>#<OpenSSL::SSL::SSLError: Unrecognized SSL message, plaintext connection?>, :backtrace=>["org/jruby/ext/openssl/SSLSocket.java:238:in `accept'", "C:/elkstack/logstash-1.5.3/vendor/jruby/lib/ruby/shared/jopenssl19/openssl/ssl-internal.rb:142:in `accept'", "C:/elkstack/logstash-1.5.3/vendor/bundle/jruby/1.9/gems/logstash-input-tcp-1.0.0/lib/logstash/inputs/tcp.rb:182:in `run_server'", "C:/elkstack/logstash-1.5.3/vendor/bundle/jruby/1.9/gems/logstash-input-tcp-1.0.0/lib/logstash/inputs/tcp.rb:170:in `run'", "C:/elkstack/logstash-1.5.3/vendor/bundle/jruby/1.9/gems/logstash-core-1.5.3-java/lib/logstash/pipeline.rb:177:in `inputworker'", "C:/elkstack/logstash-1.5.3/vendor/bundle/jruby/1.9/gems/logstash-core-1.5.3-java/lib/logstash/pipeline.rb:171:in `start_input'"], :level=>:error}
{:timestamp=>"2015-09-04T16:25:53.992000+0200", :message=>"SSL Error", :exception=>#<OpenSSL::SSL::SSLError: Unrecognized SSL message, plaintext connection?>, :backtrace=>["org/jruby/ext/openssl/SSLSocket.java:238:in `accept'", "C:/elkstack/logstash-1.5.3/vendor/jruby/lib/ruby/shared/jopenssl19/openssl/ssl-internal.rb:142:in `accept'", "C:/elkstack/logstash-1.5.3/vendor/bundle/jruby/1.9/gems/logstash-input-tcp-1.0.0/lib/logstash/inputs/tcp.rb:182:in `run_server'", "C:/elkstack/logstash-1.5.3/vendor/bundle/jruby/1.9/gems/logstash-input-tcp-1.0.0/lib/logstash/inputs/tcp.rb:170:in `run'", "C:/elkstack/logstash-1.5.3/vendor/bundle/jruby/1.9/gems/logstash-core-1.5.3-java/lib/logstash/pipeline.rb:177:in `inputworker'", "C:/elkstack/logstash-1.5.3/vendor/bundle/jruby/1.9/gems/logstash-core-1.5.3-java/lib/logstash/pipeline.rb:171:in `start_input'"], :level=>:error}
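  • I really don't know what is wrong, since you haven't posted any error messages.
  • Buying a certificate for this is a waste. You should create your own CA certificate (e.g. with openssl) and then generate a certificate + key pair for each entity. There are plenty of how-tos online.
  • om_ssl usually needs CertKeyFile and CertFile.
  • The openssl s_client test you ran did no verification (there is a -verify switch); on the other hand, certificate verification is turned on at both ends.
  • Try AllowUntrusted TRUE and see if that helps.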

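I had a similar problem with Awasant and logstash, and I am also using DigiCert certificates. In my case, the problem was that one of the endpoints did not have the complete certificate chain.

I created a file "x", put the contents of DigiCertCA.crt and TrustedRoot.crt in it, and used that file as the CA certificate, and everything seems to work fine.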

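  • I "..." this, so buying the certificate was not my decision. Thanks for the tip about s_client verification. I have already tried AllowUntrusted.
  • OK, so how do I generate TrustedRoot.crt? Is it a combination of DigiCertCA and mydomain.crt? Sorry, I'm not very good at this certificate stuff.
  • @hayer You can't generate TrustedRoot.crt. There are two possibilities: DigiCert either sent the whole certificate chain in the file DigiCertCA.crt, or sent you a TrustedRoot.crt file when the certificate was created. Run the following command: openssl verify -CAfile DigiCertCA.crt my_certeficate.crt. If the whole chain is in there, you will get an OK message and you have a different problem from mine; otherwise you will have to find the TrustedRoot.crt file (DigiCert probably sent it to you together with the other certificates).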
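The incomplete-chain failure described in the answer can be reproduced offline; the script below is an added example, not part of the original posts. It builds a constructed three-level PKI with made-up names (Demo Root, Demo Intermediate, mydomain.example; DemoCA.crt stands in for DigiCertCA.crt) and runs the same `openssl verify -CAfile` check against a CA file with and without the root.

```bash
#!/usr/bin/env bash
# Constructed demo PKI (root -> intermediate -> server); all names are made up.
set -u

make_demo_pki() {            # $1 = empty working directory
  local d=$1
  printf '%s\n' '[req]' 'distinguished_name = dn' '[dn]' '[v3_ca]' \
    'basicConstraints = critical,CA:TRUE' > "$d/ca.cnf"
  # Self-signed root, standing in for TrustedRoot.crt
  openssl req -x509 -newkey rsa:2048 -nodes -days 2 -subj "/CN=Demo Root" \
    -config "$d/ca.cnf" -extensions v3_ca \
    -keyout "$d/root.key" -out "$d/TrustedRoot.crt" 2>/dev/null
  # Intermediate CA signed by the root, standing in for DigiCertCA.crt
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=Demo Intermediate" \
    -config "$d/ca.cnf" -keyout "$d/int.key" -out "$d/int.csr" 2>/dev/null
  openssl x509 -req -in "$d/int.csr" -days 2 -CAcreateserial \
    -CA "$d/TrustedRoot.crt" -CAkey "$d/root.key" \
    -extfile "$d/ca.cnf" -extensions v3_ca -out "$d/DemoCA.crt" 2>/dev/null
  # Server certificate signed by the intermediate
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=mydomain.example" \
    -config "$d/ca.cnf" -keyout "$d/server.key" -out "$d/server.csr" 2>/dev/null
  openssl x509 -req -in "$d/server.csr" -days 2 -CAcreateserial \
    -CA "$d/DemoCA.crt" -CAkey "$d/int.key" -out "$d/server.crt" 2>/dev/null
}

# Verify certificate $2 against CA file $1; prints openssl's verdict and
# returns its exit status (0 only when the chain reaches a trusted root).
verify_chain() {
  openssl verify -CAfile "$1" "$2" 2>&1
}

DEMO_DIR=$(mktemp -d)
make_demo_pki "$DEMO_DIR"

echo "CA file holds the intermediate only:"
verify_chain "$DEMO_DIR/DemoCA.crt" "$DEMO_DIR/server.crt"

# The fix from the answer: put intermediate and root into one CA file.
cat "$DEMO_DIR/DemoCA.crt" "$DEMO_DIR/TrustedRoot.crt" > "$DEMO_DIR/ca-chain.crt"
echo "CA file holds intermediate + root:"
verify_chain "$DEMO_DIR/ca-chain.crt" "$DEMO_DIR/server.crt"
```

The first check fails with the same "unable to get issuer certificate" (error 2) that nxlog logged, because the intermediate is found in the CA file but its own issuer is not; the second check prints OK.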