[Bug 241312] sysutils/logstash6 Cipher Error
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Nov 25 17:36:40 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241312
--- Comment #26 from Wallace <incin at incin.me> ---
I think we have progress, I created a new FreeBSD 11.3 server and SSL certs,
installed logstash 6.8.3 from our tree and got it to run on port 5044 with my
certs. See log below, some are snips from the log file since I turned on super
debug and it spammed the screen and log file.
[2019-11-25T16:54:31,180][DEBUG][io.netty.util.internal.NativeLibraryLoader]
Unable to load the library 'netty_tcnative_freebsd_x86_64', trying other
loading mechanism.
[2019-11-25T16:54:31,181][DEBUG][io.netty.util.internal.NativeLibraryLoader]
netty_tcnative_freebsd_x86_64 cannot be loaded from java.libary.path, now
trying export to -Dio.netty.native.workdir: /tmp
[2019-11-25T16:54:31,187][DEBUG][io.netty.util.internal.NativeLibraryLoader]
Successfully loaded the library
/tmp/libnetty_tcnative_freebsd_x86_647758890754716951252.so
[2019-11-25T16:54:31,187][DEBUG][io.netty.handler.ssl.OpenSsl] Initialize
netty-tcnative using engine: 'default'
[2019-11-25T16:54:31,189][DEBUG][io.netty.handler.ssl.OpenSsl] netty-tcnative
using native library: OpenSSL 1.0.2s-freebsd 28 May 2019
...
[2019-11-25T16:54:31,354][DEBUG][io.netty.handler.ssl.ReferenceCountedOpenSslContext]
ReferenceCountedOpenSslContext supports -Djdk.tls.ephemeralDHKeySize={int}, but
got: matched
...
[2019-11-25T16:54:31,379][DEBUG][io.netty.handler.ssl.CipherSuiteConverter]
Cipher suite mapping: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 =>
ECDHE-RSA-AES256-GCM-SHA384
[2019-11-25T16:54:31,379][DEBUG][io.netty.handler.ssl.CipherSuiteConverter]
Cipher suite mapping: SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384 =>
ECDHE-RSA-AES256-GCM-SHA384
[2019-11-25T16:54:31,380][DEBUG][io.netty.handler.ssl.CipherSuiteConverter]
Cipher suite mapping: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 =>
ECDHE-ECDSA-AES256-GCM-SHA384
[2019-11-25T16:54:31,380][DEBUG][io.netty.handler.ssl.CipherSuiteConverter]
Cipher suite mapping: SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 =>
ECDHE-ECDSA-AES256-GCM-SHA384
[2019-11-25T16:54:31,380][DEBUG][io.netty.handler.ssl.CipherSuiteConverter]
Cipher suite mapping: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 =>
ECDHE-RSA-AES256-SHA384
[2019-11-25T16:54:31,380][DEBUG][io.netty.handler.ssl.CipherSuiteConverter]
Cipher suite mapping: SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384 =>
ECDHE-RSA-AES256-SHA384
... (This above section mapped all the SSL suites and was very long in the log
file)
[2019-11-25T16:54:31,404][DEBUG][io.netty.handler.ssl.OpenSsl] Supported
protocols (OpenSSL): [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2]
[2019-11-25T16:54:31,404][DEBUG][io.netty.handler.ssl.OpenSsl] Default cipher
suites (OpenSSL): [TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_RSA_WITH_AES_256_CBC_SHA]
[2019-11-25T16:54:31,411][INFO ][logstash.inputs.beats ] Beats inputs:
Starting input listener {:address=>"0.0.0.0:5044"}
...
I haven't got this far before, Logstash doesn't crash. It seems to be working
but would like to test and view the logs a bit more, this is huge progress.
Will report back after the holiday.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-elastic
mailing list