Client auth enabled not working with Letsencrypt certificate

@jan

That is what I am doing. In graypy, I am initiating the connection with a certfile and a chain of certs for verification. The same certfile is linked to the TLS client auth file in Graylog.

If I don't give it or give the wrong file, then Graylog gives an error. That means Graylog is able to validate the certificate.

But then it doesn't show anything in input messages… no error in server.log. It's failing silently.

@jan

Please help me in this.

You do not share anything - means how should I say why your code is not working when you do not share that?

From my end all is said

@jan Please tell me what code do you need?

Do you need the sender's code?
Below is the minimal connection script. It is working fine if I remove client auth in the GELF configuration.

#graypy_conn.py

import logging
import graypy

my_logger = logging.getLogger('test_logger')
my_logger.setLevel(logging.DEBUG)

handler = graypy.GELFTLSHandler(
    host='graylog.example.com',
    port=12201,
    certfile='/letsencrypt_d/certs/domain.com/fullchain.pem',
    ca_certs='/letsencrypt_d/certs/domain.com/cert.pem',
    validate=True
)
my_logger.addHandler(handler)

my_logger.debug('Hello Graylog3')

You actually use TLS authentication for the connection (as I understand the settings for the lib), but you are not saying use that certificate and authenticate with that …

But a) I'm not a Python expert and b) I do not know what Graypy is capable of doing.
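
A diagnostic sketch for the "failing silently" symptom in this thread, added here as an example and not code from any poster or from graypy. It assumes graypy's GELFTLSHandler builds on `logging.handlers.SocketHandler`; `FailingTLSHandler`, `emit_and_inspect` and `preflight_client_cert` are hypothetical names, and the handshake failure is simulated.

```python
import logging
import logging.handlers
import ssl


class FailingTLSHandler(logging.handlers.SocketHandler):
    """Constructed stand-in for a TLS log handler whose connection setup fails."""

    def makeSocket(self, timeout=1):
        # ssl.SSLError is an OSError, which SocketHandler.createSocket() catches.
        raise ssl.SSLError("simulated TLS failure (constructed)")


def emit_and_inspect():
    """Log one record through the failing handler.

    Returns (exception_reached_caller, socket_is_open).
    """
    handler = FailingTLSHandler("graylog.example.com", 12201)
    logger = logging.getLogger("swallow_demo")
    logger.propagate = False
    logger.addHandler(handler)
    try:
        logger.error("Hello Graylog3")
        raised = False
    except Exception:
        raised = True
    finally:
        logger.removeHandler(handler)
    return raised, handler.sock is not None


def preflight_client_cert(certfile, keyfile=None):
    """Load the client certificate and private key before logging starts.

    Returns None on success, otherwise the error text that the log handler
    would have hidden (missing file, or no private key found in certfile
    when no separate keyfile is given).
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        ctx.load_cert_chain(certfile, keyfile)
    except OSError as exc:
        return f"{type(exc).__name__}: {exc}"
    return None


if __name__ == "__main__":
    print(emit_and_inspect())  # no exception, no socket: the record is dropped
    print(preflight_client_cert("/path/to/client-cert.pem"))  # placeholder path
```

Running `preflight_client_cert` with the same `certfile` (and `keyfile`, if any) that is passed to the handler shows whether the client side can present a certificate at all, independent of what the Graylog input logs.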
