SSL client fails to connect to Logstashedit

The host running Logstash might be unreachable or the certificate may not be valid. To resolve your issue:

  • Make sure that Logstash is running and you can connect to it. First, try to ping the Logstash host to verify that you can reach it from the host running Journalbeat. Then use either nc or telnet to make sure that the port is available. For example:

    ping <hostname or IP>
    telnet <hostname or IP> 5044
  • Verify that the certificate is valid and that the hostname and IP match.

    For testing purposes only, you can set verification_mode: none to disable hostname checking.

  • Use OpenSSL to test connectivity to the Logstash server and diagnose problems. See the OpenSSL documentation for more info.
  • Make sure that you have enabled SSL (set ssl => true) when configuring the Beats input plugin for Logstash.

Common SSL-Related Errors and Resolutionsedit

Here are some common errors and ways to fix them:

x509: cannot validate certificate for <IP address> because it doesn’t contain any IP SANsedit

This happens because your certificate is only valid for the hostname present in the Subject field.

To resolve this problem, try one of these solutions:

  • Create a DNS entry for the hostname mapping it to the server’s IP.
  • Create an entry in /etc/hosts for the hostname. Or on Windows add an entry to C:\Windows\System32\drivers\etc\hosts.
  • Re-create the server certificate and add a SubjectAltName (SAN) for the IP address of the server. This make the server’s certificate valid for both the hostname and the IP address.

getsockopt: no route to hostedit

This is not a SSL problem. It’s a networking problem. Make sure the two hosts can communicate.

getsockopt: connection refusededit

This is not a SSL problem. Make sure that Logstash is running and that there is no firewall blocking the traffic.

No connection could be made because the target machine actively refused itedit

A firewall is refusing the connection. Check if a firewall is blocking the traffic on the client, the network, or the destination host.