Activate HTTPS on Single Node

Hi Community,

I have installed Graylog 5.2.2 with OpenSearch for testing and documentation purposes on a Debian 11 system and it also works in this minimal configuration. As a next step I want to secure the access to the WebGUI with HTTPS and have created a self-signed certificate and the private key and entered both in the Graylog configuration. Unfortunately, the server no longer starts after configuring the following parameters:

http_publish_uri = https://graylog.test.de:9000/
http_external_uri = https://graylog.test.de:9000
http_enable_tls = true
http_tls_cert_file = /etc/ssl/graylog/graylog.crt
http_tls_key_file = /etc/ssl/graylog/graylog.key

The URL is accessible via a configuration of my hosts file with the correct IP address and the certificate is issued to this FQDN.

When I restart the server, the following service status is displayed and the following log is generated.

root@Graylog2:/etc/ssl/graylog# systemctl status graylog-server.service
● graylog-server.service - Graylog server
     Loaded: loaded (/lib/systemd/system/graylog-server.service; enabled; vendor preset: enabled)
     Active: activating (auto-restart) (Result: exit-code) since Wed 2024-01-03 16:21:18 CET; 4s ago
       Docs: http://docs.graylog.org/
    Process: 5705 ExecStart=/usr/share/graylog-server/bin/graylog-server (code=exited, status=1/FAILURE)
   Main PID: 5705 (code=exited, status=1/FAILURE)
        CPU: 2.139s

Jan 03 16:21:18 Graylog2 systemd[1]: graylog-server.service: Main process exited, code=exited, status=1/FAILURE
Jan 03 16:21:18 Graylog2 systemd[1]: graylog-server.service: Failed with result 'exit-code'.
Jan 03 16:21:18 Graylog2 systemd[1]: graylog-server.service: Consumed 2.139s CPU time.
2024-01-03T16:20:57.335+01:00 INFO  [Server] SIGNAL received. Shutting down.
2024-01-03T16:20:57.339+01:00 INFO  [GracefulShutdown] Graceful shutdown initiated.
2024-01-03T16:20:57.341+01:00 INFO  [GracefulShutdown] Node status: [Override lb:DEAD [LB:DEAD]]. Waiting <3sec> for possible load balancers to recognize state change.
2024-01-03T16:21:00.362+01:00 INFO  [Buffers] Waiting until [INPUT, PROCESS, OUTPUT] buffers are empty.
2024-01-03T16:21:00.364+01:00 INFO  [Buffers] All buffers are empty. Continuing.
2024-01-03T16:21:00.366+01:00 INFO  [OutputSetupService] Stopping output org.graylog2.outputs.BlockingBatchedESOutput
2024-01-03T16:21:00.368+01:00 INFO  [GracefulShutdownService] Running graceful shutdown for <1> shutdown hooks
2024-01-03T16:21:00.370+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog2.periodical.ClusterHealthCheckThread].
2024-01-03T16:21:00.371+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog2.periodical.IndexerClusterCheckerThread].
2024-01-03T16:21:00.371+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog2.periodical.IndexBlockCheck].
2024-01-03T16:21:00.372+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog2.periodical.IndexRetentionThread].
2024-01-03T16:21:00.373+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog2.periodical.IndexRotationThread].
2024-01-03T16:21:00.373+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog2.periodical.VersionCheckThread].
2024-01-03T16:21:00.376+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog2.periodical.ThrottleStateUpdaterThread].
2024-01-03T16:21:00.377+01:00 INFO  [GracefulShutdownService] Initiate shutdown for <JobWorkerPool>
2024-01-03T16:21:00.378+01:00 INFO  [JobSchedulerService] Shutdown of job heartbeat executor
2024-01-03T16:21:00.378+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog2.events.ClusterEventPeriodical].
2024-01-03T16:21:00.379+01:00 INFO  [GracefulShutdownService] Finished shutdown for <JobWorkerPool>, took 1 ms
2024-01-03T16:21:00.379+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog2.events.ClusterEventCleanupPeriodical].
2024-01-03T16:21:00.379+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog2.periodical.IndexRangesCleanupPeriodical].
2024-01-03T16:21:00.380+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog2.periodical.TrafficCounterCalculator].
2024-01-03T16:21:00.381+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog2.indexer.fieldtypes.IndexFieldTypePollerPeriodical].
2024-01-03T16:21:00.381+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog.scheduler.periodicals.ScheduleTriggerCleanUp].
2024-01-03T16:21:00.381+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog2.periodical.ESVersionCheckPeriodical].
2024-01-03T16:21:00.381+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog2.telemetry.cluster.TelemetryClusterInfoPeriodical].
2024-01-03T16:21:00.382+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog2.bootstrap.preflight.GraylogCertificateProvisioningPeriodical].
2024-01-03T16:21:00.382+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog.plugins.sidecar.periodical.PurgeExpiredSidecarsThread].
2024-01-03T16:21:00.382+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog.plugins.sidecar.periodical.PurgeExpiredConfigurationUploads].
2024-01-03T16:21:00.383+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog.plugins.views.search.db.SearchesCleanUpJob].
2024-01-03T16:21:00.383+01:00 INFO  [Periodicals] Shutting down periodical [org.graylog.events.periodicals.EventNotificationStatusCleanUp].
2024-01-03T16:21:00.383+01:00 INFO  [GracefulShutdown] Goodbye.
2024-01-03T16:21:00.384+01:00 INFO  [FailureSubmissionQueue] [FailureHandlerService#triggerShutdown] Total number of submitted batches: 0 (0 failures), total number of consumed batches: 0 (0 failures)
2024-01-03T16:21:00.384+01:00 INFO  [FailureHandlingService] The service's thread has been interrupted. The queue currently contains 0 failure batches.
2024-01-03T16:21:00.385+01:00 INFO  [JerseyService] Shutting down HTTP listener at <192.168.178.66:9000>
2024-01-03T16:21:00.395+01:00 INFO  [LocalKafkaMessageQueueReader] Stopping.
2024-01-03T16:21:00.415+01:00 INFO  [LookupDataAdapterRefreshService] Stopping 0 jobs
2024-01-03T16:21:00.418+01:00 INFO  [LogManager] Shutting down.
2024-01-03T16:21:00.420+01:00 INFO  [NetworkListener] Stopped listener bound to [192.168.178.66:9000]
2024-01-03T16:21:00.427+01:00 INFO  [LogManager] Shutdown complete.
2024-01-03T16:21:03.385+01:00 INFO  [FailureHandlingService] Shutting down the service. Processed 0 remaining failure batches.
2024-01-03T16:21:03.385+01:00 INFO  [FailureSubmissionQueue] [FailureHandlerService#shutDown] Total number of submitted batches: 0 (0 failures), total number of consumed batches: 0 (0 failures)
2024-01-03T16:21:03.385+01:00 INFO  [ServiceManagerListener] Services are now stopped.
2024-01-03T16:21:06.469+01:00 INFO  [ImmutableFeatureFlagsCollector] Following feature flags are used: {default properties file=[frontend_hotkeys=on, field_types_management=on, cloud_inputs=on, scripting_api_preview=on, composable_index_templates=off, search_filter=on, preflight_web=on, instant_archiving=off]}
2024-01-03T16:21:06.952+01:00 ERROR [CmdLineTool] Invalid configuration
com.github.joschi.jadconfig.ValidationException: "http_external_uri" must end with a slash ("/")
	at org.graylog2.configuration.HttpConfiguration.validateHttpExternalUriPathEndsWithSlash(HttpConfiguration.java:246) ~[graylog.jar:?]
	at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
	at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
	at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
	at java.lang.reflect.Method.invoke(Unknown Source) ~[?:?]
	at com.github.joschi.jadconfig.ReflectionUtils.invokeMethodsWithAnnotation(ReflectionUtils.java:53) ~[graylog.jar:?]
	at com.github.joschi.jadconfig.JadConfig.invokeValidatorMethods(JadConfig.java:233) ~[graylog.jar:?]
	at com.github.joschi.jadconfig.JadConfig.process(JadConfig.java:102) ~[graylog.jar:?]
	at org.graylog2.bootstrap.CmdLineTool.processConfiguration(CmdLineTool.java:498) [graylog.jar:?]
	at org.graylog2.bootstrap.CmdLineTool.doRun(CmdLineTool.java:286) [graylog.jar:?]
	at org.graylog2.bootstrap.CmdLineTool.run(CmdLineTool.java:260) [graylog.jar:?]
	at org.graylog2.bootstrap.Main.main(Main.java:55) [graylog.jar:?]
2024-01-03T16:21:17.874+01:00 INFO  [ImmutableFeatureFlagsCollector] Following feature flags are used: {default properties file=[frontend_hotkeys=on, field_types_management=on, cloud_inputs=on, scripting_api_preview=on, composable_index_templates=off, search_filter=on, preflight_web=on, instant_archiving=off]}
2024-01-03T16:21:18.272+01:00 ERROR [CmdLineTool] Invalid configuration
com.github.joschi.jadconfig.ValidationException: "http_external_uri" must end with a slash ("/")
	at org.graylog2.configuration.HttpConfiguration.validateHttpExternalUriPathEndsWithSlash(HttpConfiguration.java:246) ~[graylog.jar:?]
	at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
	at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
	at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
	at java.lang.reflect.Method.invoke(Unknown Source) ~[?:?]
	at com.github.joschi.jadconfig.ReflectionUtils.invokeMethodsWithAnnotation(ReflectionUtils.java:53) ~[graylog.jar:?]
	at com.github.joschi.jadconfig.JadConfig.invokeValidatorMethods(JadConfig.java:233) ~[graylog.jar:?]
	at com.github.joschi.jadconfig.JadConfig.process(JadConfig.java:102) ~[graylog.jar:?]
	at org.graylog2.bootstrap.CmdLineTool.processConfiguration(CmdLineTool.java:498) [graylog.jar:?]
	at org.graylog2.bootstrap.CmdLineTool.doRun(CmdLineTool.java:286) [graylog.jar:?]
	at org.graylog2.bootstrap.CmdLineTool.run(CmdLineTool.java:260) [graylog.jar:?]
	at org.graylog2.bootstrap.Main.main(Main.java:55) [graylog.jar:?]
2024-01-03T16:21:29.106+01:00 INFO  [ImmutableFeatureFlagsCollector] Following feature flags are used: {default properties file=[frontend_hotkeys=on, field_types_management=on, cloud_inputs=on, scripting_api_preview=on, composable_index_templates=off, search_filter=on, preflight_web=on, instant_archiving=off]}
2024-01-03T16:21:29.383+01:00 ERROR [CmdLineTool] Invalid configuration
com.github.joschi.jadconfig.ValidationException: "http_external_uri" must end with a slash ("/")
	at org.graylog2.configuration.HttpConfiguration.validateHttpExternalUriPathEndsWithSlash(HttpConfiguration.java:246) ~[graylog.jar:?]
	at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
	at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
	at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
	at java.lang.reflect.Method.invoke(Unknown Source) ~[?:?]
	at com.github.joschi.jadconfig.ReflectionUtils.invokeMethodsWithAnnotation(ReflectionUtils.java:53) ~[graylog.jar:?]
	at com.github.joschi.jadconfig.JadConfig.invokeValidatorMethods(JadConfig.java:233) ~[graylog.jar:?]
	at com.github.joschi.jadconfig.JadConfig.process(JadConfig.java:102) ~[graylog.jar:?]
	at org.graylog2.bootstrap.CmdLineTool.processConfiguration(CmdLineTool.java:498) [graylog.jar:?]
	at org.graylog2.bootstrap.CmdLineTool.doRun(CmdLineTool.java:286) [graylog.jar:?]
	at org.graylog2.bootstrap.CmdLineTool.run(CmdLineTool.java:260) [graylog.jar:?]
	at org.graylog2.bootstrap.Main.main(Main.java:55) [graylog.jar:?]
2024-01-03T16:21:40.389+01:00 INFO  [ImmutableFeatureFlagsCollector] Following feature flags are used: {default properties file=[frontend_hotkeys=on, field_types_management=on, cloud_inputs=on, scripting_api_preview=on, composable_index_templates=off, search_filter=on, preflight_web=on, instant_archiving=off]}
2024-01-03T16:21:40.891+01:00 ERROR [CmdLineTool] Invalid configuration
com.github.joschi.jadconfig.ValidationException: "http_external_uri" must end with a slash ("/")
	at org.graylog2.configuration.HttpConfiguration.validateHttpExternalUriPathEndsWithSlash(HttpConfiguration.java:246) ~[graylog.jar:?]
	at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
	at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
	at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
	at java.lang.reflect.Method.invoke(Unknown Source) ~[?:?]
	at com.github.joschi.jadconfig.ReflectionUtils.invokeMethodsWithAnnotation(ReflectionUtils.java:53) ~[graylog.jar:?]
	at com.github.joschi.jadconfig.JadConfig.invokeValidatorMethods(JadConfig.java:233) ~[graylog.jar:?]
	at com.github.joschi.jadconfig.JadConfig.process(JadConfig.java:102) ~[graylog.jar:?]
	at org.graylog2.bootstrap.CmdLineTool.processConfiguration(CmdLineTool.java:498) [graylog.jar:?]
	at org.graylog2.bootstrap.CmdLineTool.doRun(CmdLineTool.java:286) [graylog.jar:?]
	at org.graylog2.bootstrap.CmdLineTool.run(CmdLineTool.java:260) [graylog.jar:?]
	at org.graylog2.bootstrap.Main.main(Main.java:55) [graylog.jar:?]
2024-01-03T16:21:51.874+01:00 INFO  [ImmutableFeatureFlagsCollector] Following feature flags are used: {default properties file=[frontend_hotkeys=on, field_types_management=on, cloud_inputs=on, scripting_api_preview=on, composable_index_templates=off, search_filter=on, preflight_web=on, instant_archiving=off]}
2024-01-03T16:21:52.186+01:00 ERROR [CmdLineTool] Invalid configuration
com.github.joschi.jadconfig.ValidationException: "http_external_uri" must end with a slash ("/")
	at org.graylog2.configuration.HttpConfiguration.validateHttpExternalUriPathEndsWithSlash(HttpConfiguration.java:246) ~[graylog.jar:?]
	at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
	at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
	at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
	at java.lang.reflect.Method.invoke(Unknown Source) ~[?:?]
	at com.github.joschi.jadconfig.ReflectionUtils.invokeMethodsWithAnnotation(ReflectionUtils.java:53) ~[graylog.jar:?]
	at com.github.joschi.jadconfig.JadConfig.invokeValidatorMethods(JadConfig.java:233) ~[graylog.jar:?]
	at com.github.joschi.jadconfig.JadConfig.process(JadConfig.java:102) ~[graylog.jar:?]
	at org.graylog2.bootstrap.CmdLineTool.processConfiguration(CmdLineTool.java:498) [graylog.jar:?]
	at org.graylog2.bootstrap.CmdLineTool.doRun(CmdLineTool.java:286) [graylog.jar:?]
	at org.graylog2.bootstrap.CmdLineTool.run(CmdLineTool.java:260) [graylog.jar:?]
	at org.graylog2.bootstrap.Main.main(Main.java:55) [graylog.jar:?]

What else do I have to set for this to work or what have I configured incorrectly or what error have I made?

Thx in advance & Bye CD

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.