I’m trying to get some HTTP notifications working for our new Graylog server (Graylog 4)
All of our internal sites use certs signed by our own internal CA, so naturally Graylog is having issues with that giving the following error every time I try to test the notification.
Error: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Now so far I have tried everything I can find and think of to fix the error and nothing has worked.
Imported all certs in the chain for the target server into the jvm keystore
Ensured that they are all under an alias that matches the cert CN
Tested the connection with a simple java SSLPoke file (Works fine, no errors)
Explicitly pointed Graylog at the keystore
Probably a few other things I forgot already.
At this point, I’ve got no idea what else to try to get this to work.
So if anyone has any suggestions please send them my way!
What does you graylog.config file look like for TLS?
How did you create your certificates for Graylog? Maybe show what documentation you used would be helpful.
The chown did it!
Didn’t even think of that, thanks a bunch.
But just for reference, this isn’t for setting up Graylog SSL itself, this was for trying to hit an external service with an HTTP notification from an alert, so the rest of the info about the graylog.config and creating the certs for Graylog wouldn’t have been applicable for the issue.