So I enabled HTTPS and that’s where this “bug” began appearing. Looking at the server.log file I see it’s being pegged with:
2020-03-05T13:55:41.018-05:00 WARN [ProxiedResource] Unable to call https://188.8.131.52:8443/api/system/inputstates on node <51707e26-34de-4563-990d-1008916b3609>: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
One after the other these are piling in. So I followed the instructions for using a self signed cert (the one I was using was signed by my companies internal CA which is not trusted in the cacerts java keystore) so I do that and add that cert into the cacerts keystore following all documentation found here: http://docs.graylog.org/en/2.3/pages/configuration/https.html#creating-a-self-signed-private-key-certificate
Even after following those instructions and rebooting the entire box the error still persists. BUT I’m still getting log messages in, even though the inputs say not running. I’m at a loss, but every things working just that log file is going to be massive if it keeps thinking the inputs aren’t running.
I also see this error in the same log file:
2020-03-05T13:54:54.842-05:00 WARN [ProxiedResource] Unable to call https://184.108.40.206:8443/api/system/metrics/multiple on node <51707e26-34de-4563-990d-1008916b3609>: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
The input one only appears when you visit the input tab on the graylog server, but log messages still come in…
startup file for graylog:
When a JVM receives a SIGTERM signal it exits with 143.
Make sure stderr/stdout is captured in the systemd journal.