Hi there… I am definitely a newbie to Graylog. I am currently trying to get TLS (https) working on a fresh install. Cert setup/deployment is pretty new to me. I am glad this isn’t a public-facing system, which is best for learning in my opinion.
I followed this to get Graylog set up on a freshly built VM… (Had to put in a reply to this)
I have done very little with it so far… I have logged into it and set up an account for me to use so that I am not always working as an admin within it… I wanted to get TLS set up before I get too far into my learning experience with Graylog. I am trying to use the certificate that I purchased from sectigo.com. I do not want to have it facing the public internet, but I do want it to have a secure login so that I know info isn’t being sent in plain text…
So… Pardon my ignorance if I am misunderstanding some things…
1. Describe your incident:
I am trying to get TLS set up for my install. I am following… (I had to put in a reply to this)
I am at the “Import Certs” section and trying to run the following like it says…
sudo openssl x509 -inform der -in enterpriseRootCA.cer -out enterpriseRootCA.pem
and I get the following error:
gladmin@Graylog:~$ sudo openssl x509 -inform der -in enterpriseRootCA.cer -out enterpriseRootCA.pem
Could not open file or uri for loading certificate from enterpriseRootCA.cer
803B7AACD17F0000:error:16000069:STORE routines:ossl_store_get0_loader_int:unregistered scheme:../crypto/store/store_register.c:237:scheme=file
803B7AACD17F0000:error:80000002:system library:file_open:No such file or directory:../providers/implementations/storemgmt/file_store.c:267:calling stat(enterpriseRootCA.cer)
Unable to load certificate
I performed the commands above this section without any issues… I did not get a value back, so I did the section for… “IF the above ls command does NOT return a value, use the bundled JDK cacerts file”
2. Describe your environment:
- OS Information: Debian 12 (Bookworm) VM
- Package Version:
mongodb-org/bookworm/mongodb-org/7.0,now 7.0.14
opensearch/stable,now 2.17.0
graylog-server/stable,now 6.0.6-1
- Service logs, configurations, and environment variables:
gladmin@Graylog:~$ sudo journalctl -r
Sep 23 15:08:56 Graylog sudo[5003]: pam_unix(sudo:session): session opened for user root(uid=0) by gladmin(uid=1000)
Sep 23 15:08:56 Graylog sudo[5003]: gladmin : TTY=pts/0 ; PWD=/home/gladmin ; USER=root ; COMMAND=/usr/bin/journalctl -r
Sep 23 15:08:54 Graylog sudo[5000]: pam_unix(sudo:session): session closed for user root
Sep 23 15:08:54 Graylog sudo[5000]: pam_unix(sudo:session): session opened for user root(uid=0) by gladmin(uid=1000)
Sep 23 15:08:54 Graylog sudo[5000]: gladmin : TTY=pts/0 ; PWD=/home/gladmin ; USER=root ; COMMAND=/usr/bin/openssl x509 -inform der -in enterpriseRootCA.cer>
Sep 23 15:08:48 Graylog sudo[4996]: pam_unix(sudo:session): session closed for user root
3. What steps have you already taken to try and solve the problem?
I have googled and looked through this community for a good response regarding the “Could not open file or uri for loading certificate from enterpriseRootCA.cer +graylog”. I have also tried to find an up-to-date YouTube video for setting up TLS for a Graylog 6 install, which I did not find.
4. How can the community help?
I am needing some guidance on what to do regarding the error I am currently getting.
- Getting a message saying that I can’t have more than 2 URLs when I am only using 2 URLs…
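
An added example, not part of the original post or of the Graylog documentation: the openssl output above ends in `calling stat(enterpriseRootCA.cer)` with "No such file or directory", and the journal shows the command ran with `PWD=/home/gladmin`. The sketch below checks that a certificate file exists in the current directory and whether it is PEM or DER before passing it to `openssl x509`; the function names `cert_format` and `to_pem` are hypothetical.

```shell
#!/bin/sh
# Added example: classify a certificate file before converting it to PEM.
# cert_format and to_pem are hypothetical helper names.

# cert_format FILE -> prints one of: missing | pem | der | unknown
cert_format() {
    f=$1
    # A relative path is resolved against the current directory, so a file
    # that lives elsewhere fails stat() exactly as in the error above.
    if [ ! -f "$f" ] || [ ! -r "$f" ]; then
        echo missing
        return 0
    fi
    # PEM is base64 text wrapped in BEGIN/END CERTIFICATE armor lines.
    if grep -q -e '-----BEGIN CERTIFICATE-----' "$f" 2>/dev/null; then
        echo pem
        return 0
    fi
    # DER is binary ASN.1; a certificate starts with a SEQUENCE tag (0x30).
    first=$(od -An -tx1 -N1 "$f" | tr -d ' \n')
    if [ "$first" = "30" ]; then
        echo der
    else
        echo unknown
    fi
}

# to_pem SRC DST -> writes a PEM copy of SRC to DST, choosing -inform from
# the detected encoding instead of assuming DER.
to_pem() {
    src=$1
    dst=$2
    case $(cert_format "$src") in
        missing)
            echo "not found: $src (current directory: $(pwd))" >&2
            return 2 ;;
        pem) openssl x509 -inform pem -in "$src" -out "$dst" ;;
        der) openssl x509 -inform der -in "$src" -out "$dst" ;;
        *)
            echo "not a PEM or DER X.509 certificate: $src" >&2
            return 3 ;;
    esac
}
```

A `.cer` extension does not say which encoding the file uses, which is why the helper inspects the content rather than the name.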