Question about self-signed Certs for Graylog using HTTPS.
I’m using CentOS 7 Virtual machine, all in one Graylog Server,
My installed Certificates work from the instruction use from here: https://github.com/3vi1john/graylog
Chrome states “Not Secure” on the URL
I opened Developer Tools on Chrome and noticed the following;
“There are issues with the site’s certificate chain (net::ERR_CERT_COMMON_NAME_INVALID)”
“The certificate for this site does not contain a Subject Alternative Name extension containing a domain name or IP address”
Tried to fix this issue by creating a file named openssl-graylog.cnf and using it when making my certificates.
http://docs.graylog.org/en/2.3/pages/configuration/https.html , No joy
I also tried to modify my /etc/pki/tls/openssl.cnf file as shown below;
[ v3_ca ]
DNS.1 = FQDN
IP.1 = IPaddress
I did some research and found most, if not all browsers do not like Self-Signed Certificates and to remove these errors properly I need SSL certificate provider (certificate authority).
Chrome Secure resources does state “All resources on this page are served securely.”
I was wondering if there is something else I could do to fix Certificate error & Subject Alternative Name error.