New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Document Certificate Validation Problem with IP in DN instead of Hostname #400
Comments
@gebi I've tried this explanation, but I get gripes from (many!) people who do not even have DNS at all in their infrastructure and insist they require IP SANs. I've given up. Nobody knows how to generate SSL certificates. I'll update teh readme to include |
Oh, I forgot, this was already done.
Is what the readme says right now. Was changed in 0e22bad |
Unless I've misunderstood what you're saying, I think this information is already in the README. |
#402 should include something I hope solves this. |
For people without DNS in their infrastructure and without knowledge of |
Attempt to satisfy elastic#400 Fixes elastic#402
Hi,
As most users are not yet familiar with the picky go implementation about IP in DN please document it in https://github.com/elasticsearch/logstash-forwarder/blob/master/README.md#generating-an-ssl-certificate
Something like:
Go (correctly) does not accept IPs in the DN of a certificate as most other implementations do, thus if you see some error message of logstash-forwarder like:
Please use the hostname of your machine to connect (where the hostname needs to be the
DN
in the certificate) or include IP SANs in your certificate.Would save you a lot of support trouble ;)
The text was updated successfully, but these errors were encountered: