Date: Mon, 25 Nov 2019 17:36:39 +0000 From: bugzilla-noreply@freebsd.org To: elastic@FreeBSD.org Subject: [Bug 241312] sysutils/logstash6 Cipher Error Message-ID: <bug-241312-37421-U4DnhTNgDI@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-241312-37421@https.bugs.freebsd.org/bugzilla/> References: <bug-241312-37421@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241312 --- Comment #26 from Wallace <incin@incin.me> --- I think we have progress, I created a new FreeBSD 11.3 server and SSL certs, installed logstash 6.8.3 from our tree and got it to run on port 5044 with my certs. See log below, some are snips from the log file since I turned on super debug and it spammed the screen and log file. [2019-11-25T16:54:31,180][DEBUG][io.netty.util.internal.NativeLibraryLoader] Unable to load the library 'netty_tcnative_freebsd_x86_64', trying other loading mechanism. [2019-11-25T16:54:31,181][DEBUG][io.netty.util.internal.NativeLibraryLoader] netty_tcnative_freebsd_x86_64 cannot be loaded from java.libary.path, now trying export to -Dio.netty.native.workdir: /tmp [2019-11-25T16:54:31,187][DEBUG][io.netty.util.internal.NativeLibraryLoader] Successfully loaded the library /tmp/libnetty_tcnative_freebsd_x86_647758890754716951252.so [2019-11-25T16:54:31,187][DEBUG][io.netty.handler.ssl.OpenSsl] Initialize netty-tcnative using engine: 'default' [2019-11-25T16:54:31,189][DEBUG][io.netty.handler.ssl.OpenSsl] netty-tcnative using native library: OpenSSL 1.0.2s-freebsd 28 May 2019 ... [2019-11-25T16:54:31,354][DEBUG][io.netty.handler.ssl.ReferenceCountedOpenSslContext] ReferenceCountedOpenSslContext supports -Djdk.tls.ephemeralDHKeySize={int}, but got: matched ... [2019-11-25T16:54:31,379][DEBUG][io.netty.handler.ssl.CipherSuiteConverter] Cipher suite mapping: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 => ECDHE-RSA-AES256-GCM-SHA384 [2019-11-25T16:54:31,379][DEBUG][io.netty.handler.ssl.CipherSuiteConverter] Cipher suite mapping: SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384 => ECDHE-RSA-AES256-GCM-SHA384 [2019-11-25T16:54:31,380][DEBUG][io.netty.handler.ssl.CipherSuiteConverter] Cipher suite mapping: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 => ECDHE-ECDSA-AES256-GCM-SHA384 [2019-11-25T16:54:31,380][DEBUG][io.netty.handler.ssl.CipherSuiteConverter] Cipher suite mapping: SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 => ECDHE-ECDSA-AES256-GCM-SHA384 [2019-11-25T16:54:31,380][DEBUG][io.netty.handler.ssl.CipherSuiteConverter] Cipher suite mapping: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 => ECDHE-RSA-AES256-SHA384 [2019-11-25T16:54:31,380][DEBUG][io.netty.handler.ssl.CipherSuiteConverter] Cipher suite mapping: SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384 => ECDHE-RSA-AES256-SHA384 ... (This above section mapped all the SSL suites and was very long in the log file) [2019-11-25T16:54:31,404][DEBUG][io.netty.handler.ssl.OpenSsl] Supported protocols (OpenSSL): [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2] [2019-11-25T16:54:31,404][DEBUG][io.netty.handler.ssl.OpenSsl] Default cipher suites (OpenSSL): [TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA] [2019-11-25T16:54:31,411][INFO ][logstash.inputs.beats ] Beats inputs: Starting input listener {:address=>"0.0.0.0:5044"} ... I haven't got this far before, Logstash doesn't crash. It seems to be working but would like to test and view the logs a bit more, this is huge progress. Will report back after the holiday. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-241312-37421-U4DnhTNgDI>