logstash-plugins / logstash-output-elasticsearch

https://www.elastic.co/guide/en/logstash/current/plugins-outputs-elasticsearch.html
Apache License 2.0

Can only pass .crt as cacert, not pem #929

Open Rambatino opened 4 years ago

Rambatino commented 4 years ago


logstashPipeline:
  logstash.conf: |
    input {
      beats {
        port => 5044
      }
    }

    filter {
      json {
        source => "message"
      }
    }

    output {
      elasticsearch {
        hosts => ["https://elasticsearch-master:9200"]
        user => "${LOGSTASH_USERNAME}"
        ssl => true
        cacert => "/usr/share/logstash/config/certs/elastic-certificate.pem"
        password => "${LOGSTASH_PASSWORD}"
        index => "logstash-%{+yyyy.MM.dd}"
      }
    }

Get errors on boot up:

[2020-03-26T08:42:02,607][ERROR][logstash.javapipeline ][main] Pipeline aborted due to error {:pipeline_id=>"main", :exception=>java.security.cert.CertificateParsingException: signed fields invalid

However, converting pem -> crt using:

openssl x509 -outform der -in elastic-certificate.pem -out elastic-certificate.crt

and passing a crt instead fixes the problem.

This implies that pem files are not accepted in the elasticsearch output; however, they are documented as being accepted:

image (https://www.elastic.co/guide/en/logstash/current/plugins-outputs-elasticsearch.html#plugins-outputs-elasticsearch-cacert)
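
A preflight check for the file handed to `cacert`, given the DER-versus-PEM behaviour reported in this thread: it reports whether the file is DER or PEM, lists every PEM block it contains, and extracts the first CERTIFICATE block as DER bytes, the same output form as the `openssl x509 -outform der` step above. This is an added example, not code from the plugin or from anyone in the thread. The function names are hypothetical and the sample inputs are constructed placeholder bytes that are DER-shaped but not a real certificate.

```python
import base64
import re

# One PEM block: label in group 1, base64 body in group 2.
PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\s*(.*?)\s*-----END \1-----", re.S)

def der_sequence_ok(data: bytes) -> bool:
    """True if data is exactly one DER SEQUENCE whose length field matches its size."""
    if len(data) < 2 or data[0] != 0x30:
        return False
    if data[1] < 0x80:                      # short-form length
        return len(data) == 2 + data[1]
    n = data[1] & 0x7F                      # long form: n length bytes follow
    if n == 0 or n > 4 or len(data) < 2 + n:
        return False
    return len(data) == 2 + n + int.from_bytes(data[2:2 + n], "big")

def inspect_cacert(raw: bytes) -> dict:
    """Report the container encoding and, for PEM, every block label found."""
    if der_sequence_ok(raw):
        return {"encoding": "DER", "blocks": [], "stray_text": False}
    try:
        text = raw.decode("ascii")
    except UnicodeDecodeError:
        text = ""
    blocks = [m.group(1) for m in PEM_BLOCK.finditer(text)]
    if not blocks:
        return {"encoding": "unknown", "blocks": [], "stray_text": False}
    stray = bool(PEM_BLOCK.sub("", text).strip())   # anything outside the blocks
    return {"encoding": "PEM", "blocks": blocks, "stray_text": stray}

def first_cert_to_der(raw: bytes) -> bytes:
    """Decode the first CERTIFICATE block to DER bytes."""
    for m in PEM_BLOCK.finditer(raw.decode("ascii")):
        if m.group(1) == "CERTIFICATE":
            der = base64.b64decode(m.group(2))
            if not der_sequence_ok(der):
                raise ValueError("CERTIFICATE block is not a well-formed DER SEQUENCE")
            return der
    raise ValueError("no CERTIFICATE block found")

# Constructed inputs: DER-shaped placeholder bytes, not a real certificate.
SAMPLE_DER = bytes.fromhex("3006020101020102")
SAMPLE_PEM = (b"-----BEGIN CERTIFICATE-----\n" + base64.encodebytes(SAMPLE_DER)
              + b"-----END CERTIFICATE-----\n")
SAMPLE_BUNDLE = (b"Bag Attributes\n" + SAMPLE_PEM
                 + b"-----BEGIN PRIVATE KEY-----\nAAAA\n-----END PRIVATE KEY-----\n")

if __name__ == "__main__":
    for name, blob in [("der", SAMPLE_DER), ("pem", SAMPLE_PEM), ("bundle", SAMPLE_BUNDLE)]:
        print(name, inspect_cacert(blob))
```

A `blocks` list containing anything other than `CERTIFICATE`, or `stray_text` set to true, means the file carries more than CA certificates and is worth reviewing before it is mounted into the Logstash container.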

patricktg commented 3 years ago

I can confirm this also happens in logstash 6.8.12. PEM format not supported, must be DER for the cacert.

tsn77130 commented 3 years ago

Still happens on logstash 7.6, I've lost a day following documentation before reading this post...

holiiveira commented 3 years ago

Still happens on Logstash 7.12.0

leemp commented 2 years ago

still the case in 7.15.0