search

elastic / logstash

Logstash - transport and process your logs, events, or other data
https://www.elastic.co/products/logstash
Other
14.18k stars 3.5k forks source link

X-pack monitoring has broken certificate verification #10524

Open vbohata opened 5 years ago

vbohata commented 5 years ago

For some time I see in logstash logs messages like: [2019-03-08T19:20:21,169][WARN ][logstash.outputs.elasticsearch] WARNING Detected UNSAFE options in elasticsearch output configuration! WARNING You have enabled encryption but DISABLED certificate verification. WARNING To make sure your data is secure change :ssl_certificate_verification to true

This is related to xpack monitoring. I do not use elasticsearch output plugins in this logstash. Xpack monitoring related config is:

xpack: monitoring: elasticsearch: password: somepass ssl: ca: someca.crt url:

If I change it to:

xpack: monitoring: elasticsearch: password: somepass ssl: ca: someca.crt verification_mode: full url:

I get: [2019-03-08T19:26:42,852][FATAL][logstash.runner ] An unexpected error occurred! {:error=>#<ArgumentError: Invalid value "full". Options are: ["none", "certificate"]>

From the logs I can see the LS really configures elasticsearch output with ssl_certificate_verification=>false but I did not configure it anywhere, I even do not use elasticsearch output (only xpack ES monitoring).

So this seems to be LS bug. It is at least in LS 6.5.x and 6.6.x.

fe7ch commented 5 years ago

Still present in LS 6.8.0, despite documentation says you should set *.ssl.verification_mode to full.

mohclips commented 4 years ago

I am seeing this in 7.4

danlsgiga commented 4 years ago

Same in 7.5.1

karthikeyantvrs commented 4 years ago

I am also getting same message in logstash 7.6.0

vaguechannels commented 4 years ago

getting same message in logstash 7.6.2

anmancipe commented 3 years ago

Same issue on 7.9.2