Logstash TLS certificate JKS to PKCS8 invalid key error

Time: 2016-12-29 00:27:11

Tags: ssl elasticsearch logstash tls1.2

I am trying to convert a JKS certificate to PKCS8 for Logstash v5.1. I found an example here: https://stackoverflow.com/a/656559

keytool -importkeystore -srckeystore foo.jks -destkeystore foo.p12 \
  -srcstoretype jks   -deststoretype pkcs12
openssl pkcs12 -in foo.p12 -out foo.pem
openssl pkcs12 -in foo.p12 -nocerts -out key.pem
openssl pkcs8 -in key.pem -topk8 -out p8key.pem

But this produces the following error when trying to run Logstash:

ERROR logstash.inputs.beats - Looks like you either have an invalid key or your private key was not in PKCS8 format.
{:exception=>java.lang.IllegalArgumentException: File does not contain valid private key: /ELK/logstash/SSL/p8key.pem}

I also tried converting to PKCS8 with the -nocrypt flag and received this error:

ERROR org.logstash.beats.BeatsHandler - Exception: not an SSL/TLS record

1 answer:

Answer 0: (score: 1)

The cause of this error:

ERROR logstash.inputs.beats - Looks like you either have an invalid key or your private key was not in PKCS8 format.
{:exception=>java.lang.IllegalArgumentException: File does not contain valid private key: /ELK/logstash/SSL/p8key.pem}

is that ssl_key_passphrase => "password" was not set in the Logstash input.

This error:

ERROR org.logstash.beats.BeatsHandler - Exception: not an SSL/TLS record

is that non-SSL/TLS traffic is trying to go through an SSL/TLS port. In this case, the culprit is Filebeat.

https://www.elastic.co/guide/en/x-pack/current/security-troubleshooting.html
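
The two causes named in the answer can be checked from the files themselves. The shell sketch below is an added example, not part of the original question or answer: it reads the PEM header to tell an encrypted PKCS8 key (which needs ssl_key_passphrase) from an unencrypted PKCS8 key or a traditional RSA key, and tests whether a client's first bytes form a TLS record. The function names, file names and sample contents are constructed for illustration and contain no real key material.

```shell
#!/bin/sh
# Added example, not from the original post.

# Report the PEM container of a private key file from its header line.
classify_key() {
    if grep -qF -e '-----BEGIN ENCRYPTED PRIVATE KEY-----' "$1"; then
        echo "pkcs8-encrypted"   # Logstash needs ssl_key_passphrase
    elif grep -qF -e '-----BEGIN PRIVATE KEY-----' "$1"; then
        echo "pkcs8-plain"       # result of -topk8 -nocrypt, no passphrase
    elif grep -qF -e '-----BEGIN RSA PRIVATE KEY-----' "$1"; then
        echo "pkcs1-rsa"         # traditional format, not PKCS8
    else
        echo "unknown"
    fi
}

# Succeed when a capture starts like a TLS handshake record:
# content type 0x16 followed by protocol major version 0x03.
looks_like_tls() {
    first=$(head -c 2 "$1" | od -An -tx1 | tr -d ' \n')
    [ "$first" = "1603" ]
}

# Constructed sample files: PEM headers around a dummy body, plus two
# short byte strings standing in for the first bytes a client sends.
make_samples() {
    for kind in 'ENCRYPTED PRIVATE KEY' 'PRIVATE KEY' 'RSA PRIVATE KEY'; do
        name=$(echo "$kind" | tr 'A-Z ' 'a-z_')
        printf '%s\n' "-----BEGIN $kind-----" 'Q09OU1RSVUNURUQ=' \
            "-----END $kind-----" > "$1/$name.pem"
    done
    printf '\026\003\001' > "$1/tls.bin"        # start of a TLS handshake
    printf 'plaintext frame' > "$1/plain.bin"   # anything that is not TLS
}

dir=$(mktemp -d)
make_samples "$dir"
for f in "$dir"/*.pem; do
    echo "$(basename "$f"): $(classify_key "$f")"
done
for f in "$dir"/*.bin; do
    if looks_like_tls "$f"; then echo "$(basename "$f"): TLS record"
    else echo "$(basename "$f"): not an SSL/TLS record"; fi
done
rm -rf "$dir"
```

Run against the real p8key.pem, a result of pkcs8-encrypted means the beats input needs ssl_key_passphrase; pkcs8-plain means the key loads without one.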