Open Tejaswi43 opened 4 months ago
Pinging @elastic/elastic-agent-data-plane (Team:Elastic-Agent-Data-Plane)
@Tejaswi43 can you try with the spelling ECDHE-ECDSA-AES-128-GCM-SHA256 or ECDHE-RSA-AES-128-GCM-SHA256 or RSA-AES-128-GCM-SHA256 as listed here, based on your expectations?
TLS_AES_128_GCM_SHA256 is not supported I believe, and it looks like a spelling error.
Thanks for the reply @jeanfabrice. Yeah, it's a spelling error. It seems that only the list of ciphers mentioned in the official documentation is supported for configuration, and TLS 1.3 ciphers also seem not to be supported for separate configuration.
@teja431 The cipher list comes straight from the Go crypto/tls library
Regarding TLS 1.3, it looks like it is related to the same library, as described in the documentation:
Note that if TLS 1.3 is enabled (which is true by default), then the default TLS 1.3 cipher suites are always included, because Go’s standard library adds them to all connections. In order to exclude the default TLS 1.3 ciphers, TLS 1.3 must also be disabled, e.g. with the setting ssl.supported_protocols = [TLSv1.2].
// CipherSuites is a list of enabled TLS 1.0–1.2 cipher suites. The order of
// the list is ignored. Note that TLS 1.3 ciphersuites are not configurable.
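The behaviour described in the comment above can be observed directly in Go's crypto/tls. This is an added example, not code from the thread or from Beats: it captures the ClientHello of a Go client that pins one TLS 1.2 suite, once with TLS 1.3 enabled and once capped at TLS 1.2. The function name `offeredSuites` and the server name are assumptions made for the illustration.

```go
package main

import (
	"crypto/tls"
	"errors"
	"fmt"
	"net"
)

// offeredSuites returns the cipher suite names a Go TLS client puts in its
// ClientHello when Config.CipherSuites is set to `pinned` and the protocol
// is capped at maxVersion. No certificate or network is needed: the server
// side captures the hello over an in-memory pipe and aborts the handshake.
func offeredSuites(pinned []uint16, maxVersion uint16) []string {
	c, s := net.Pipe()
	defer c.Close()
	defer s.Close()

	cli := tls.Client(c, &tls.Config{
		ServerName:   "logstash.example.test", // constructed placeholder name
		MinVersion:   tls.VersionTLS12,
		MaxVersion:   maxVersion,
		CipherSuites: pinned,
	})
	go cli.Handshake() // fails once the server aborts; the error is expected

	var names []string
	srv := tls.Server(s, &tls.Config{
		GetConfigForClient: func(h *tls.ClientHelloInfo) (*tls.Config, error) {
			for _, id := range h.CipherSuites {
				names = append(names, tls.CipherSuiteName(id))
			}
			return nil, errors.New("hello captured, aborting")
		},
	})
	srv.Handshake() // returns the abort error above
	return names
}

func main() {
	pinned := []uint16{tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}
	// TLS 1.3 enabled: the TLS 1.3 suites appear even though only one was pinned.
	fmt.Println("max TLS 1.3:", offeredSuites(pinned, tls.VersionTLS13))
	// Equivalent of ssl.supported_protocols = [TLSv1.2]: only the pinned suite.
	fmt.Println("max TLS 1.2:", offeredSuites(pinned, tls.VersionTLS12))
}
```

When auditing an output's effective cipher policy, check the offered list with TLS 1.3 both enabled and disabled, since the pinned list only constrains TLS 1.2 and below.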
I want to configure particular cipher suites to be used by filebeat to connect with logstash. While using ssl.cipher_suites I was getting the below error log:
{"log.level":"error","@timestamp":"2024-05-28T06:28:10.029Z","log.origin":{"function":"github.com/elastic/beats/v7/libbeat/cmd/instance.handleError","file.name":"instance/beat.go","file.line":1312},"message":"Exiting: 1 error initializing publisher: could not setup output certificates reloader: unpacking 'ssl' config: invalid tls cipher suite 'TLS_AES_128_GCM_SHA256' accessing 'output.logstash.ssl.cipher_suites.0' (source:'/opt/filebeat/filebeat.yml')","service.name":"filebeat","ecs.version":"1.6.0"}
And with all the same setup I tried with cipher_suites, and then it worked. Is there any specific configuration I missed, or any suggestions to check?