Here is what I have tried numerous times already. I really don’t want to admit the amount of time I’ve spent on this.
https://docs.graylog.org/en/3.0/pages/configuration/https.html#creating-a-self-signed-private-key-certificate
combined with
https://docs.graylog.org/en/3.0/pages/configuration/https.html#adding-a-self-signed-certificate-to-the-jvm-trust-store
Which seems like the right combination to get the cert, and add it the java trust store, but maybe it’s not what you are supposed to do?
I used the resultant cert.pem and pkcs8-encrypted.pem as the certificates in my server.conf.
Result: didn’t work
I tried the steps in Graylog3 with https (easy tutorial)
But I had to modifiy a couple things at the end which seemed to overwrite some steps that were previously done. There is a confusing array of .jks files in the final steps with 3 different jks files. I imagine they were typos referencing actually just 1 jks file?
Greg, I noticed your helpful response you have 2 different jks files, did you end up with 2, or was that just a typo? Also, I thought the jks default password was changeit and if you changed it from that you have to add another java opt to set the password?
I might have to end up going with the nginx solution here:
if this doesn’t work, but I’m really trying to use the graylog built https method.