Graylog 3.3 Certificate issue

Hi there !
I am currently facing an issue with Graylog 3.3 and certificates.
We are running on a CentOS 8 server and followed all steps to install it properly.

I am able to connect on web interface using HTTP without any issue.

I want to be more secure by going HTTPS but I have got the followin error when trying to configure certificates :

2020-12-08T15:28:05.877+01:00 WARN [DefaultTLSProtocolProvider] JRE doesn’t support all default TLS protocols. Changing <[TLSv1.2, TLSv1.3]> to <[TLSv1.2]>
2020-12-08T15:28:06.019+01:00 INFO [CmdLineTool] Loaded plugin: AWS plugins 3.3.9 [org.graylog.aws.AWSPlugin]
2020-12-08T15:28:06.019+01:00 INFO [CmdLineTool] Loaded plugin: Integrations 3.3.9 [org.graylog.integrations.IntegrationsPlugin]
2020-12-08T15:28:06.020+01:00 INFO [CmdLineTool] Loaded plugin: Collector 3.3.9 [org.graylog.plugins.collector.CollectorPlugin]
2020-12-08T15:28:06.021+01:00 INFO [CmdLineTool] Loaded plugin: Threat Intelligence Plugin 3.3.9 [org.graylog.plugins.threatintel.ThreatIntelPlugin]
2020-12-08T15:28:06.144+01:00 ERROR [CmdLineTool] Invalid configuration
com.github.joschi.jadconfig.ValidationException: Unreadable or missing HTTP private key: null
at org.graylog2.configuration.HttpConfiguration.validateTlsConfig(HttpConfiguration.java:252) ~[graylog.jar:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_272]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_272]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_272]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_272]
at com.github.joschi.jadconfig.ReflectionUtils.invokeMethodsWithAnnotation(ReflectionUtils.java:53) ~[graylog.jar:?]
at com.github.joschi.jadconfig.JadConfig.invokeValidatorMethods(JadConfig.java:221) ~[graylog.jar:?]
at com.github.joschi.jadconfig.JadConfig.process(JadConfig.java:100) ~[graylog.jar:?]
at org.graylog2.bootstrap.CmdLineTool.processConfiguration(CmdLineTool.java:351) [graylog.jar:?]
at org.graylog2.bootstrap.CmdLineTool.readConfiguration(CmdLineTool.java:344) [graylog.jar:?]
at org.graylog2.bootstrap.CmdLineTool.run(CmdLineTool.java:178) [graylog.jar:?]
at org.graylog2.bootstrap.Main.main(Main.java:50) [graylog.jar:?]

The error message is :
ERROR [CmdLineTool] Invalid configuration
com.github.joschi.jadconfig.ValidationException: Unreadable or missing HTTP private key: null

Where is the private key path ?

I tried with both a self-signed key and from a signed key using our internal CA (Windows-based)

Any idea ?

Thank you

Best regards

Clement

@g-clement You can take a look at the below Gralog documentation link, which will help you solve your query.

Hello @makarands,

I followed the steps on official documentation, trying with certificates signed by our internal CA but also with self signed certificates.

My issue is :
Invalid configuration
com.github.joschi.jadconfig.ValidationException: Unreadable or missing HTTP private key: null

Why do i get a “null” reference ?

Regards

Clement

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.