Help Center/ Cloud Search Service/ User Guide/ Using Logstash for Data Migration/ Managing Logstash Clusters/ Managing CA Certificates for a Logstash Cluster
Updated on 2025-09-05 GMT+08:00
View PDF
Share

Managing CA Certificates for a Logstash Cluster

When connecting a Logstash cluster to an Elasticsearch cluster of CSS, you can skip this section and use a default CA certificate. To connect it to other data sources that require security authentication, you need to use a customize certificate by following the procedures described in this topic.

Scenario

  • When a Logstash cluster connects to an Elasticsearch cluster that uses the secure mode and the HTTPS protocol, the default CA certificate preconfigured in CSS can be used to trust the server. Logstash clusters support Viewing Default Certificates.
  • If the Logstash cluster connects to other data sources that require security authentication, you need to upload a custom certificate to trust the server. For details, see Uploading a Custom Certificate.

Viewing Default Certificates

  1. Log in to the CSS management console.
  2. In the navigation pane on the left, choose Clusters > Logstash.
  3. In the cluster list, click the name of the target cluster. The cluster information page is displayed.
  4. Choose Certificate Management > Default Certificates.
  5. On the Default Certificates tab, check the default CA certificate.

Uploading a Custom Certificate

  1. Prepare the custom certificate.
    • The certificate name contains 4 to 32 characters, and must start with a letter, and end with .cer/.crt/.rsa/.jks/.pem/.p10/.pfx/.p12/.csr/.der/.keystore. The value can contain letters, digits, hyphens (-), underscores (_), and periods (.). Other special characters are not allowed.
    • Up to 50 certificates can be uploaded.
    • The certificate file size cannot exceed 1 MB.
  2. Upload the custom certificate to an OBS bucket. For details, see Uploading an Object.
  3. Log in to the CSS management console.
  4. In the navigation pane on the left, choose Clusters > Logstash.
  5. In the cluster list, click the name of the target cluster. The cluster information page is displayed.
  6. Choose Certificate Management > Custom Certificates.
  7. On the Custom Certificates page, click Upload Certificate. In the displayed dialog box, configure the certificate.
    • OBS Bucket: Select the OBS bucket that holds the custom certificate.
    • Certificate Object: Click Select. In the Select Certificate Object dialog box, select the custom certificate that has been uploaded to the OBS bucket in advance and click OK.
  8. Click OK to upload the custom certificate.

    After the custom certificate is uploaded, it is displayed in the certificate list.

  9. To delete a custom certificate that you no longer need, click Delete in the Operation column, and then click OK to confirm the deletion.