Erro de handshake de TLS do Logstash-forwarder - Servidor selecionado versão de protocolo não suportada 301

3

Eu tenho o problema abaixo apenas com o windows. Eu tentei com o Linux e funciona bem.

Quando eu corro:

.\logstash-forwarder-master.exe -config .\logstash-forwarder2.conf 

Com logstash-forwarder2.conf:

{
  "network": {
  "servers": [ "10.0.1.136:5034" ],
  "ssl key": "C:\Program Files (x86)\logstash-forwarder-master\certs\logstash-forwarder.key",
  "ssl certificate": "C:\Program Files (x86)\logstash-forwarder-master\certs\logstash-forwarder.crt",
  "ssl ca": "C:\Program Files (x86)\logstash-forwarder-master\certs\logstash-forwarder.crt",

   "timeout": 15
},

"files": [
  {
      "paths": [ 
      "C: \logs\example.log"
      ]
  }
 ]
}

Eu recebo o seguinte erro:

Failed to tls handshake with 10.0.1.136 tls: Server selected unsupported protocol version 301

No entanto, quando eu corro:

C:\OpenSSL-Win32\bin\openssl.exe s_client -showcerts -connect 10.0.1.136:5034

Eu recebo:

Loading 'screen' into random state - done
CONNECTED(00000118)
depth=0 C = AU, ST = Some-State, O = Internet Widgits Pty Ltd
verify error:num=18:self signed certificate
verify return:1
depth=0 C = AU, ST = Some-State, O = Internet Widgits Pty Ltd
verify return:1
---
Certificate chain
0 s:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
  i:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
-----BEGIN CERTIFICATE-----
 omitted
-----END CERTIFICATE-----
---
Server certificate
subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
---
No client certificate CA names sent
---
SSL handshake has read 1012 bytes and written 621 bytes
---
New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : RC4-SHA
    Session-ID: 54B3A8D9594F45F1562FA16A462766CE72918E11A2E92EC1429FFD721F6637E5
    Session-ID-ctx:
    Master-Key: 7C59315873B89D1C8DE678BECDF11F4E458A6B987BB2C8A55548207BD95121156889FC14F1247F38DB1CD0F9D794D050
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1421060929
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---
    
por Riccardo 12.01.2015 / 12:47

1 resposta

1

Não importa,

Eu desinstalei o cliente logstash-forwarder e instalei outro cliente logstash-forwarder

Eu recebi este erro:

Failed to tls handshake with 10.0.1.136:5034 tls: either ServerName or InsecureSkipVerify must be specified in the tls.Config

e encontrei a solução deste aqui

Adicionando esta linha

tlsconfig.InsecureSkipVerify = true

E agora funciona bem

    
por 13.01.2015 / 12:43