Enable HTTPS using existing certificates bought from GoDaddy

Graylog Central (peer support)
1

I created 3 Node Graylog cluster with all latest version of packages including elasticsearch and magento.
Cluster is up and running, but i am receiving any error.

2020-12-07T11:47:27.008-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/inputstates on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:27.069-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/inputstates on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:27.928-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:28.242-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:29.982-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:30.030-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:30.893-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:31.071-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:31.979-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:32.731-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:33.999-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:34.091-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:34.955-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:36.533-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:36.571-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:36.955-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:38.052-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:38.904-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:40.054-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:40.106-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:40.970-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:42.098-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:42.143-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:42.836-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:43.777-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:44.177-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:44.837-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:46.158-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:46.206-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:47.193-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:47.726-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:48.948-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:49.950-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:50.143-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:50.931-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:51.067-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:51.836-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:52.722-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:53.728-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:53.993-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:54.239-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:55.712-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
^R
2020-12-07T11:47:56.779-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system/metrics/multiple on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2020-12-07T11:47:56.795-08:00 WARN  [ProxiedResource] Unable to call http://prod-gl-sv-1:9000/api/system on node <dd62ae0e-5a50-4354-b2b7-facbdcad3aa4>: unexpected end of stream on http://prod-gl-sv-1:9000/...
2

I followed all steps in https://docs.graylog.org/en/4.0/pages/configuration/https.html and generated keys. But still it is throwing error.

3

Hi @vneerukonda :wave:,

First, welcome to the Graylog Community. The folks around here are generally happy to help. Before we get too into the weeds of what’s going on, I’d suggest reading the community FAQ: https://community.graylog.org/faq . They cover a number of things, but most pertinent to your issue:

  • Surround your code with ```. It’ll make our job of reading your errors and configs just a bit easier
  • Provide some (sanitized) configs. While error messages can be helpful, there’s (usually) a reason for the errors and seeing your configs helps everyone involved.
  • Tell us what you’ve tried. We can see you mentioned a particular doc, but that doesn’t tell us that you followed it to the letter, or got hung up on a particular part. Given that you’re seeing errors, I’d reckon that there’s probably a step that was missed, or something wasn’t configured correctly

Following those steps (in particular, the bits I mentioned above) should help us get you on the right track.

1 Like
4

1 step.Convert certs into the following format:

openssl pkcs12 -in WILDCARD.pfx -clcerts -nokeys -out graylog.cer
openssl pkcs12 -in WILDCARD.pfx -nocerts -nodes -out graylog.key

2 step. Change the Graylog configuration

http_publish_uri = https://gl.domain.com:9000/
http_enable_tls = true
http_tls_cert_file = /etc/graylog/server/ graylog.cer
http_tls_key_file = /etc/graylog/server/graylog.key
#http_tls_key_password = secret

3 step: Copy Java Keystore to any folder:

cp -a /usr/lib/jvm/java-11-openjdk-amd64/lib/security/cacerts /etc/graylog/server/cacerts.jks

4 step. Add this to JVM settings in /etc/default/graylog-server

-Djavax.net.ssl.trustStore=/etc/graylog/server/cacerts.jks -Djavax.net.ssl.trustStorePassword=changeit

5 step. Import certificate into the Keystore

keytool -importcert -keystore /etc/graylog/server/cacerts.jks -storepass changeit -alias gl.domain.com -file /etc/graylog/server/graylog.cer

restart Graylog services

5

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.