To view the SSL Certificate Expiry Notice it can be found here.
The updated certificate file contains both the old and new root certificates and should be updated as soon as possible, if you have any issues with the new certificate, please contact us.
Rsyslog
If you’re not sending over an encrypted connection no changes are required, but we would urge you to upgrade to a TLS endpoint.
Look for the double @@ before the logstash address to confirm.
Sample configuration snippet:
$DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/root.logit.io.crt
$ActionSendStreamDriver gtls
$ActionSendStreamDriverMode 1
$ActionSendStreamDriverAuthMode x509/name
$ActionSendStreamDriverPermittedPeer *.logit.io
*.* @@YOUR-LOGSTASH-ENDPOINT:YOUR-SYSLOG-SSL-PORT"]
Rsyslog will only accept a single file name to verify the SSL connection with, but you can have more than one certificate in that file.
Replace the certificate file with a new file available from here
Restart rsyslog and confirm it’s reconnected and still sending data and reporting no errors.
Legacy Filebeat / Metricbeat / Other Elastic Beats
With older configurations (typically v1.3 or below) you may have specified a certificate_authority and will need to update the intermediate.crt on your system, see below and example:
output.logstash:
hosts: ["YOUR-LOGSTASH-ENDPOINT:YOUR-BEATS-SSL-PORT"]
tls:
certificate_authorities: ['/etc/pki/tls/certs/root.logit.io.crt']
enabled: true
Please download the new certificate and replace the old intermediate.crt.
Newer configurations that do not specify a certificate_authority are unlikely to require configuration changes, however you may need to add our intermediate to your certificate store as per your OS defaults, see below for an example which requires no action:
output.logstash:
hosts: ["YOUR-LOGSTASH-ENDPOINT:YOUR-BEATS-SSL-PORT"]
ssl.enabled: true