Winlogbeat TLS, with no mutual auth certificates

Hello all!

Newbie here.
I digged up the internet with no avail, so here I am opening a new Topic with a 5 miute old forum user.

I would like to have TLS communcation between by winlogbeat, and the Graylog server, but All I could find, is how to set up ,MUTUAL authentication certificate-to-certificate based communication.

Here is the problem:
I did not find any info how to set up so the config doesn’t use mutual certificate authentication.
The graylog server HAS a valid certificate, and it works Like a charm.
The graylog server’s Beats input HAS a vaild certificate.
The SideCar does NOT have a client certificate, and I would like to keep it that way.

Who is this done, what do I need to add to the winlogbeat collector config?

what about the documentation?

that might guide you


Almost, but still no luck.
I see that this article describes how to set up mutual authentication,
But I don’t want to deal with client certificates.

Like the way normal websites work. The server has indeed a SSL cert, and I want to verify the graylog Beats’ input certificate. But I don’t want to offer any certificates as a collector.

I found this:
hosts: [“graylogserver:5044”]
ssl.certificate_authorities: ["/etc/ca.pem"]
ssl.certificate: “/etc/client.crt”
ssl.key: “/etc/client.key”

But insted I’mlooking for something like this:
hosts: [“”]
ssl.enabled: true

Or if nothing else:
hosts: [“”]
ssl.certificate: /serialnumber of my cert in the local computer cert store/

The thing I want to avoid is the creation and maintenance of client computer certificates.

Turn out ALL i needed was:

hosts: [“graylog.local.server:5045”]
ssl.enabled: true

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.