Graylog blew up after adding SSL Cert

(Steve Ferguson) #1


Just added a wildcard certificate to graylog, and am getting a cryptic error when starting…

2017-06-07T10:40:31.293-07:00 ERROR [ServiceManager] Service JerseyService [FAIL ED] has failed in the STARTING state. Neither RSA, DSA nor EC worked
at ~[graylog.jar:?]
at org.graylog2.shared.initializers.JerseyService.buildSslEngineConfigur ator( ~[graylog.jar:?]
at org.graylog2.shared.initializers.JerseyService.startUpWeb(JerseyServi ~[graylog.jar:?]
at org.graylog2.shared.initializers.JerseyService.startUp(JerseyService. java:141) ~[graylog.jar:?]
at$DelegateService $ [graylog.jar:?]
at$ [graylog.jar:?]
at [?:1.8.0_131]
Caused by: xception: IOException : DER input, Integer tag error
at 169) ~[sunec.jar:1.8.0_131]
at ~[?:1.8 .0_131]
at ~[graylog.jar:?]
… 6 more
Caused by: IOException : DER input, Integer t ag error
at ~[?:1.8.0_131]
at ~[?:1.8.0_131]
at ~[s unec.jar:1.8.0_131]
at 7) ~[sunec.jar:1.8.0_131]
at 165) ~[sunec.jar:1.8.0_131]
at ~[?:1.8 .0_131]
at ~[graylog.jar:?]

I added the certificate to the java keystore as well… Any suggestions?

(Jan Doberstein) #2

Hej @sferguson

the error is produced here in Graylog - did you checked if the Key Format is RSA, DSA or EC?

Please describe what you had done and if you read (what) documentation to solve your issue.

(Steve Ferguson) #3

The key appears to be RSA. I followed the documentation to enable SSL for the server

(Jan Doberstein) #4

did you check if the Graylog User is able to read the files?

(Steve Ferguson) #5

Yes. Graylog user has full RWX access to the folder.

(system) closed #6

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.