Logstash : How to configure certificate for input source & output destination for OpenSearch Logstash

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
OpenSearch - 2.18.0

Describe the issue:
How to configure the certificate for input source & output destination for OpenSearch Logstash. Below configuration is not working for me.

Configuration:
input {
opensearch {
hosts => [“https://HOST1:9200”]
index => “my_source_index”
query => ‘{ “query”: { “match_all”: {}} }’
ssl_certificate_authorities => [“/user/certificate_src/CA.pem”]
ssl_certificate => “/user/certificates_src/client.pem”
ssl_key => “/user/certificate_src/client.key”
ssl => true
}
}

output {
opensearch {
hosts => [“https://HOST2:9200”]
index => “my_dest_index”
ecs_compatibility => “disabled”
ssl_certificate_authorities => [“/user/certificate_dest/CA.pem”]
ssl_certificate => “/user/certificate_dest/client.pem”
ssl_key => “/user/certificate_dest/client.key”
ssl => true
}
}

Relevant Logs or Screenshots:

image1664×154 18.7 KB

@jmeher As per “Logstash OpenSearch input plugin” code you have two options.

1. Set ssl to true (ssl => true). This will disable SSL certificate verification.
2. Set ssl and ca_file (ssl => true, ca_file => “path to OpenSearch node root-ca.pem file”). This will enable SSL verification.

There is no client certificate authentication for the input plugin.