Graylog Input with Secure AMQP Connection over TLS

(Thorstenw) #1


I have a RabbitMQ-Server that only allows verified TLS-Connections (v1.1 and v1.2).
When I create a “RAW-AMQP” Input, I am able to check the TLS-Option but launching the Input fails.

In the graylog-logfile I can see a SocketException with the Message “Connection reset”.
On my RabbitMQ-Server I get the error “handshake failure”.

My Question is, which keyfile does graylog use for the handshake? I have nothing configured on the graylog-side yet.

Thank you


(Jan Doberstein) #2

hej thorsten,

did you use self-signed certificates? If yes Graylog need to be able to verify the certificate and you need to add the Information (CA) to your Keystore.

If not you need to elaborate a little more and maybe post some log files.

(Thorstenw) #3

Hi Jan,

thanks for your reply.
yes the certificate is self signed.

When I pull log-messages from the rabbitMQ-Server to the graylog.
Do I have to add the graylog-certificate to the truststore of the rabbitmq server?
Or do I have to add the rabbitmq-certificate to the truststore of the graylog-server?

(Jan Doberstein) #4

Graylog need to be able to verify the certificate of rabbitMQ

(niged) #5

Can i ask on this what Keystore, i ask as i think i added it to the right ones, but still not working.

is their an graylog keystore config somewhere?

(Jochen) #6

@nigdav007 Please don’t hijack old topics and open new ones for your specific issues.