Log Stream unable to verify the first certificate

Problem statement

We have upgraded our Logstash to Logstreaming with the steps provided, but we see an error after configuration: “could not reach endpoint”.

Error in the Health tab:

Cause

Unlike browsers, OpenSSL, and by extension the log stream webhook, cannot perform discovery on a single certificate to retrieve the full chain, and thus cannot verify a certificate issued by an intermediate CA.

Solution

The application listening for the log stream data must be reachable from Auth0's outbound IP addresses (see Auth0 IP Addresses for Allow Lists). It must also present the full certificate chain during the SSL handshake so that Auth0 can verify the server certificate.

Creating a certificate chain can be as simple as adding the root, intermediate, and server certificates one after another in the same .pem or .crt file. Here is an example:

https://www.digicert.com/kb/ssl-support/pem-ssl-creation.htm
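The failure and the fix can be reproduced offline with the `openssl` command line, which, like the webhook client described above, does not fetch missing intermediates. The script below is an added example, not code from Auth0 or DigiCert; the CA names, the host name `logs.example.test` and all file names are constructed for the demo. It lists the server certificate first in the chain file, which is the order a TLS server sends them.

```shell
#!/bin/sh
# Constructed demo PKI (all names and file names are made up for this example).
set -eu

new_csr() {  # new_csr <path-prefix> <CN>: writes <prefix>.key and <prefix>.csr
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$2" \
    -keyout "$1.key" -out "$1.csr" 2>/dev/null
}

make_demo_pki() {  # make_demo_pki <dir>: root -> intermediate -> server certificate
  d=$1
  echo 'basicConstraints=critical,CA:TRUE' > "$d/ca.ext"
  echo 'subjectAltName=DNS:logs.example.test' > "$d/leaf.ext"
  new_csr "$d/root" "Demo Root CA"
  new_csr "$d/int" "Demo Intermediate CA"
  new_csr "$d/leaf" "logs.example.test"
  openssl x509 -req -in "$d/root.csr" -signkey "$d/root.key" -days 2 \
    -extfile "$d/ca.ext" -out "$d/root.pem" 2>/dev/null
  openssl x509 -req -in "$d/int.csr" -CA "$d/root.pem" -CAkey "$d/root.key" \
    -set_serial 2 -days 2 -extfile "$d/ca.ext" -out "$d/int.pem" 2>/dev/null
  openssl x509 -req -in "$d/leaf.csr" -CA "$d/int.pem" -CAkey "$d/int.key" \
    -set_serial 3 -days 2 -extfile "$d/leaf.ext" -out "$d/leaf.pem" 2>/dev/null
  # Chain file for the endpoint: server certificate first, then its issuers.
  cat "$d/leaf.pem" "$d/int.pem" "$d/root.pem" > "$d/fullchain.pem"
}

# client_accepts <trusted-root.pem> <presented.pem>
# Models a client that trusts only the root and never fetches missing issuers:
# the first certificate in <presented.pem> is the server certificate, and the
# rest of the file is the only place an intermediate can come from.
client_accepts() {
  first=$(mktemp)
  openssl x509 -in "$2" -out "$first"
  rc=0
  openssl verify -CAfile "$1" -untrusted "$2" "$first" >/dev/null 2>&1 || rc=$?
  rm -f "$first"
  [ "$rc" -eq 0 ]
}

demo_dir=$(mktemp -d)
make_demo_pki "$demo_dir"
for presented in leaf.pem fullchain.pem; do
  if client_accepts "$demo_dir/root.pem" "$demo_dir/$presented"; then
    echo "$presented: chain verifies"
  else
    echo "$presented: rejected, issuer of the server certificate is missing"
  fi
done
```

Against a real endpoint, `openssl s_client -connect <host>:443 -showcerts` prints every certificate the server actually sends, so a server that returns only one certificate is the misconfigured case.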