I spent hours reading the documentation and the forum and so far no success.
Importing the certificate in the javastore : OK.
I was able to get the login page but after the credential input I have a 404 error:
Error - the server returned: 404 - cannot POST http://IP:9000/system/sessions (404)
This setting works (no TLS):
GRAYLOG_REST_TRANSPORT_URI: http://IP:9000/api
GRAYLOG_WEB_ENDPOINT_URI: http://IP:80/api
Changing the web endpoint to : https://IP/api does not
Any advise welcome 
Please post your complete configuration.
Here is my docker-compose file:
graylog:
image: graylog2/server:latest
container_name: graylog
hostname: graylog
environment:
GRAYLOG_IS_MASTER: "true"
GRAYLOG_PASSWORD_SECRET: somepasswordpepper:)
GRAYLOG_ROOT_PASSWORD_SHA2: whocares?
GRAYLOG_SERVER_JAVA_OPTS: -Xms2g -Xmx4g -XX:NewRatio=1 -XX:MaxMetaspaceSize=256m -server -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC -XX:-OmitStackTraceInFastThrow
GRAYLOG_REST_TRANSPORT_URI: http://IP:9000/api
GRAYLOG_WEB_ENDPOINT_URI: http://IP:80/api
GRAYLOG_ELASTICSEARCH_HOSTS: http://elasticsearch:9200,http://elasticsearch2:9200
GRAYLOG_MONGODB_URI: mongodb://mongo:27017,mongo2:27017/graylog?replicaSet=graylog
GRAYLOG_TRANSPORT_EMAIL_ENABLED: "true"
depends_on:
- mongo
- elasticsearch
ports:
- "80:9000"
- "514:514/tcp"
- "514:514/udp"
- "1514/udp:1514/udp"
- "5044:5044/tcp"
- "9000:9000"
- "9350:9350"
- "12200-12300:12200-12300/tcp"
- "12200-12300:12200-12300/udp"
- "12900:12900"
networks:
graylog:
aliases:
- graylog
For HTTPS I add/edit:
GRAYLOG_REST_ENABLE_TLS: "true"
GRAYLOG_WEB_ENABLE_TLS: "true"
GRAYLOG_REST_TLS_CERT_FILE: /usr/share/graylog/data/config/ssl/graylog.prod.lan.cert.pem
GRAYLOG_REST_TLS_KEY_FILE: /usr/share/graylog/data/config/ssl/graylog.prod.lan.pkcs8.key.pem
GRAYLOG_WEB_TLS_CERT_FILE: /usr/share/graylog/data/config/ssl/graylog.prod.lan.cert.pem
GRAYLOG_WEB_TLS_KEY_FILE: /usr/share/graylog/data/config/ssl/graylog.prod.lan.pkcs8.key.pem
GRAYLOG_REST_TRANSPORT_URI: https://10.99.107.152:9000/api
GRAYLOG_WEB_ENDPOINT_URI: https://10.99.107.152/
- "443:443"
I spent so much time tweaking and changing… I’m sure it will be obvious for a fresh eye.
Please post your complete configuration of the Graylog Docker container (or the complete docker-compose.yml) as it is right now.
BTW, IP addresses from the 10.0.0.0/8 range are private IP addresses which aren’t routed on the Internet, so you can simply post the configuration as it is without having to redact anything (except for the password secret and root password SHA-256).
Hi,
I know for the 10. range, but I’m a contractor and sometimes this kind of detail is not understood by a manager 
graylog:
image: graylog2/server:latest
container_name: graylog
hostname: graylog
environment:
GRAYLOG_IS_MASTER: "true"
GRAYLOG_PASSWORD_SECRET: somepasswordpepper:)
GRAYLOG_ROOT_PASSWORD_SHA2: whocares?
GRAYLOG_SERVER_JAVA_OPTS: -Xms2g -Xmx4g -XX:NewRatio=1 -XX:MaxMetaspaceSize=256m -server -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC -XX:-OmitStackTraceInFastThrow
GRAYLOG_REST_ENABLE_TLS: "true"
GRAYLOG_WEB_ENABLE_TLS: "true"
GRAYLOG_REST_TLS_CERT_FILE: /usr/share/graylog/data/config/ssl/graylog.prod.lan.cert.pem
GRAYLOG_REST_TLS_KEY_FILE: /usr/share/graylog/data/config/ssl/graylog.prod.lan.pkcs8.key.pem
GRAYLOG_WEB_TLS_CERT_FILE: /usr/share/graylog/data/config/ssl/graylog.prod.lan.cert.pem
GRAYLOG_WEB_TLS_KEY_FILE: /usr/share/graylog/data/config/ssl/graylog.prod.lan.pkcs8.key.pem
GRAYLOG_REST_TRANSPORT_URI: https://10.99.107.152:9000/api
GRAYLOG_WEB_ENDPOINT_URI: https://10.99.107.152/
GRAYLOG_ELASTICSEARCH_HOSTS: http://elasticsearch:9200,http://elasticsearch2:9200
GRAYLOG_MONGODB_URI: mongodb://mongo:27017,mongo2:27017/graylog?replicaSet=graylog
depends_on:
- mongo
- elasticsearch
ports:
- "80:9000"
- "443:443"
- "514:514/tcp"
- "514:514/udp"
- "1514/udp:1514/udp"
- "5044:5044/tcp"
- "9000:9000"
- "9350:9350"
- "12200-12300:12200-12300/tcp"
- "12200-12300:12200-12300/udp"
- "12900:12900"
networks:
graylog:
aliases:
- graylogThe web_endpoint_uri setting has to point to the public URI of the Graylog REST API.
This is most likely wrong and should be:
- "443:9000"
Thank you for pointing me out in the right direction.
My mistake was to take for granted a working configuration made by someone else and even reading the web interface doc did not help me to understand the web_endpoint_uri problem.
Removing this variable made it works now.
Here is the final working configuration.
graylog:
image: graylog2/server:latest
container_name: graylog
hostname: graylog
environment:
GRAYLOG_IS_MASTER: “true”
GRAYLOG_PASSWORD_SECRET: somepasswordpepper:)
GRAYLOG_ROOT_PASSWORD_SHA2: whoreallycares?
GRAYLOG_SERVER_JAVA_OPTS: -Xms2g -Xmx4g -XX:NewRatio=1 -XX:MaxMetaspaceSize=256m -server -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC -XX:-OmitStackTraceInFastThrow
GRAYLOG_REST_ENABLE_TLS: “true”
GRAYLOG_WEB_ENABLE_TLS: “true”
GRAYLOG_REST_TLS_CERT_FILE: /usr/share/graylog/data/config/ssl/graylog.prod.lan.cert.pem
GRAYLOG_REST_TLS_KEY_FILE: /usr/share/graylog/data/config/ssl/graylog.prod.lan.pkcs8.key.pem
GRAYLOG_WEB_TLS_CERT_FILE: /usr/share/graylog/data/config/ssl/graylog.prod.lan.cert.pem
GRAYLOG_WEB_TLS_KEY_FILE: /usr/share/graylog/data/config/ssl/graylog.prod.lan.pkcs8.key.pem
GRAYLOG_REST_TRANSPORT_URI: https://graylog.prod.lan:9000/api
GRAYLOG_ELASTICSEARCH_HOSTS: http://elasticsearch:9200,http://elasticsearch2:9200
GRAYLOG_MONGODB_URI: mongodb://mongo:27017,mongo2:27017/graylog?replicaSet=graylog
depends_on:
- mongo
- elasticsearch
ports:
- “443:9000”
- “514:514/tcp”
- “514:514/udp”
- “1514/udp:1514/udp”
- “5044:5044/tcp”
- “9000:9000”
- “9350:9350”
- “12200-12300:12200-12300/tcp”
- “12200-12300:12200-12300/udp”
- “12900:12900”
networks:
graylog:
aliases:
- graylog
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.