Filebeat/graylog ssl certificate

warmup031 · March 9, 2019, 1:24pm

Hello,
I’m trying to configure filebeat with graylog with a ssl wildcard certificate to encrypt log streams to graylog server, but it fails.
The ssl certificate for https is working fine.

The ssl certificate private key was in pkcs#1, I converted it in pkcs#8.

Filebeat logs tells x509: “cannot validate certificate for xx.xx.xx.xx because it doesn’t contain any IP SANs”

Graylog server log :
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.

I saw somewhere that the certificate must contain the ip address, otherwise it won’t work. and saw an option " `insecure_skip_verify" for tls. Can it be configured in graylog ? Have you an idea ?

How to set the ssl certificate both side (filebeat/graylog server) for streams to be encrypted with the ssl wildcard certificate ?

Thank you for your help

jan · March 11, 2019, 10:16am

Please read this part of the Documentation: http://docs.graylog.org/en/3.0/pages/secure/sec_graylog_beats.html

system · March 25, 2019, 10:24am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Certificate/TLS Issue Graylog Central (peer support)	15	5036	June 24, 2020
Graylog 3.0.2 https Graylog Central (peer support) sidecar	11	4356	September 2, 2019
Configuration ssl/tls graylog https Graylog Central (peer support)	28	3642	February 10, 2023
File does not contain valid private key Graylog Central (peer support) sidecar	11	2971	December 4, 2019
Graylog secure Filebeat input Graylog Central (peer support)	2	66	November 18, 2024

Filebeat/graylog ssl certificate

Related topics