Host name “<ip addr>” does not match certificate subject provided by peer

ES v2.4.1 and corresponding v2.4.1 Searchguard-SSL and Searchguard plugins

i used the Searchguard SSL script to generate my cert/key/jks files, with modifications to the DN. I copied the *.jks file to /etc/elasticsearch.

I have Logstash setup to index into ES, with the output setup this way

    output {
elasticsearch {
user => logstash
password => 'pw'
ssl => true
ssl_certificate_verification => true
truststore => "/etc/elasticsearch/truststore.jks"
truststore_password => pw
hosts => ["https://10.x.x.26:9200"]
index => "logstash-%{customer}"
}
}

I get the following from the logstash logs

"Host name '10.x.x.26' does not match the certificate subject provided by the peer (CN=10.x.x.26, OU=Company, O=DevOps, L=Raleigh, C=US)",

How do I fix this?

This looks like the same issue, no resolution though: https://groups.google.com/forum/#!topic/elasticsearch-community/QxL2jGCZzgw.

···

On Wednesday, October 19, 2016 at 4:15:05 PM UTC-4, ZillaYT wrote:

ES v2.4.1 and corresponding v2.4.1 Searchguard-SSL and Searchguard plugins

i used the Searchguard SSL script to generate my cert/key/jks files, with modifications to the DN. I copied the *.jks file to /etc/elasticsearch.

I have Logstash setup to index into ES, with the output setup this way

    output {
elasticsearch {
user => logstash
password => 'pw'
ssl => true
ssl_certificate_verification => true
truststore => "/etc/elasticsearch/        truststore.jks"
truststore_password => pw
hosts => ["[https://10.x.x.26:9200](https://10.x.x.26:9200)        "]
index => "logstash-%{customer}"
}
}

I get the following from the logstash logs

"Host name '10.x.x.26' does not match the certificate subject provided by the peer (CN=10.x.x.26, OU=Company, O=DevOps, L=Raleigh, C=US)",

How do I fix this?