1. Describe your incident:
Hi,
I’ve tried to run graylog on port 443 so I’ve changed the entry in /etc/graylog/server/server.conf to
http_bind_address = syslog2.izum.pri:443
and restarted graylog-server. The server started but it’s actually restarting all over according to the server.log.
Via https://<server.domain>:443, I can’t connect to Graylog.
There is more to enabling TLS than simply changing the ports. Please review these pages in the docs. The second link is how to configure Graylog, the first is how to set up a CA, if you don’t already have one.
In case this is helpful, there are a few “sharp edges” regarding TLS and graylog. I’ve documented as many as I could find via How-To Guide: Securing Graylog with TLS
In your case (making some assumptions here, such as that you installed Graylog via the package and Graylog runs as user graylog), I believe you may be running into the “non-root Linux users cannot bind to network ports lower than 1024” issue. There is a section towards the end that talks about this, but the summary is you can add AmbientCapabilities=CAP_NET_BIND_SERVICE to your graylog service file.
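
A check for the situation discussed in this thread, as an added example that is not part of the original posts or of Graylog itself: it reads the port from `http_bind_address` and tests whether the service can bind it, given the run user and the unit files. The function names and the unit-file arguments are assumptions; pass the paths of your own service file and any drop-ins.

```bash
#!/usr/bin/env bash
# Added example (hypothetical helper names, not shipped with Graylog).
# Usage: ./check_bind.sh /etc/graylog/server/server.conf graylog UNIT_FILE [DROPIN...]

# Print the last uncommented value of KEY from a "key = value" config file.
conf_get() {  # conf_get FILE KEY
  sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" \
    | tail -n 1 | sed 's/[[:space:]]*$//'
}

# Extract the port from http_bind_address (host:port).
# Falls back to 9000, Graylog's default port, when the key is unset.
bind_port() {  # bind_port FILE
  local addr
  addr=$(conf_get "$1" http_bind_address)
  case "$addr" in
    *:*) printf '%s\n' "${addr##*:}" ;;
    *)   printf '9000\n' ;;
  esac
}

# Succeed if any given unit file or drop-in grants CAP_NET_BIND_SERVICE.
unit_has_bind_cap() {  # unit_has_bind_cap FILE...
  grep -Eqs '^[[:space:]]*AmbientCapabilities[[:space:]]*=.*CAP_NET_BIND_SERVICE' "$@"
}

# Return 0 when the configured port can be bound, 1 otherwise.
check_bind() {  # check_bind CONF RUN_USER UNIT_FILE...
  local conf=$1 user=$2 port
  shift 2
  port=$(bind_port "$conf")
  if [ "$port" -ge 1024 ]; then
    echo "ok: port $port is unprivileged"; return 0
  fi
  if [ "$user" = root ] || unit_has_bind_cap "$@"; then
    echo "ok: port $port is privileged and the service may bind it"; return 0
  fi
  echo "fail: port $port < 1024 and user '$user' has no CAP_NET_BIND_SERVICE"
  echo "      add AmbientCapabilities=CAP_NET_BIND_SERVICE under [Service]"
  return 1
}

# Run the check only when called with arguments.
if [ "$#" -ge 3 ]; then check_bind "$@"; fi
```

Granting only `CAP_NET_BIND_SERVICE` keeps the service running as the unprivileged graylog user, which is preferable to running it as root just to reach port 443.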