Graylog Input with Secure AMQP Connection over TLS


(Thorstenw) #1

Hello,

I have a RabbitMQ-Server that only allows verified TLS-Connections (v1.1 and v1.2).
When I create a “RAW-AMQP” Input, I am able to check the TLS-Option but launching the Input fails.

In the graylog-logfile I can see a SocketException with the Message “Connection reset”.
On my RabbitMQ-Server I get the error “handshake failure”.

My Question is, which keyfile does graylog use for the handshake? I have nothing configured on the graylog-side yet.

Thank you

Thorsten


(Jan Doberstein) #2

hej thorsten,

did you use self-signed certificates? If yes Graylog need to be able to verify the certificate and you need to add the Information (CA) to your Keystore.

If not you need to elaborate a little more and maybe post some log files.


(Thorstenw) #3

Hi Jan,

thanks for your reply.
yes the certificate is self signed.

When I pull log-messages from the rabbitMQ-Server to the graylog.
Do I have to add the graylog-certificate to the truststore of the rabbitmq server?
Or do I have to add the rabbitmq-certificate to the truststore of the graylog-server?


(Jan Doberstein) #4

Graylog need to be able to verify the certificate of rabbitMQ


(niged) #5

Can i ask on this what Keystore, i ask as i think i added it to the right ones, but still not working.

is their an graylog keystore config somewhere?


(Jochen) #6

@nigdav007 Please don’t hijack old topics and open new ones for your specific issues.