Graylog Data Node 6.0.3 Certificate

Before you post: Your responses to these questions will help the community help you. Please complete this template if you’re asking a support question.
Don’t forget to select tags to help index your topic!

1. Describe your incident:
I am getting yellow alerts on shards being unassigned and I want to see via the curl commands to the API what exactly is causing it but I don’t know where Graylog creates the certificate for GL Data Node.

2. Describe your environment:

  • OS Information:
    ubuntu 22.04 LTS
  • Package Version:
    6.0.3 via Docker Compose
  • Service logs, configurations, and environment variables:

3. What steps have you already taken to try and solve the problem?

4. How can the community help?
If anyone knows what folder Graylog creates the Graylog Data Node certificate at. This is the certificate that is auto created by Graylog.

Helpful Posting Tips: Tips for Posting Questions that Get Answers [Hold down CTRL and link on link to open tips documents in a separate tab]

@spardok
In Graylog, you can go to System → Data Nodes → Configuration where you can generate a client certificate to be used for authenticating against the data node’s Opensearch.
Alternatively, you can use the Graylog REST API which offers an endpoint proxying a subset of requests to the datanode’s Opensearch (POST /datanodes/{hostname}/opensearch/{path: .*}) .

In case this is useful, here is our Documentation page on this topic:
https://go2docs.graylog.org/current/downloading_and_installing_graylog/install_graylog_data_node.htm

This talks specifically about Creating a Client Certificate for Third-Party Tools (such as curl).