Graylog2 https Error on Chrome

(Greg Smith) #1

Hello All,
Question about self-signed Certs for Graylog using HTTPS.
I’m using CentOS 7 Virtual machine, all in one Graylog Server,
My installed Certificates work from the instruction use from here:
Chrome states “Not Secure” on the URL
I opened Developer Tools on Chrome and noticed the following;

The errors
“There are issues with the site’s certificate chain (net::ERR_CERT_COMMON_NAME_INVALID)”
“The certificate for this site does not contain a Subject Alternative Name extension containing a domain name or IP address”
Tried to fix this issue by creating a file named openssl-graylog.cnf and using it when making my certificates.
Instruction used; , No joy
I also tried to modify my /etc/pki/tls/openssl.cnf file as shown below;
[ v3_ca ]
subjectAltName= @alt_names

IP.1 = IPaddress

I did some research and found most, if not all browsers do not like Self-Signed Certificates and to remove these errors properly I need SSL certificate provider (certificate authority).
Chrome Secure resources does state “All resources on this page are served securely.”
I was wondering if there is something else I could do to fix Certificate error & Subject Alternative Name error.

(Jochen) #2

No, you have to import your self-signed certificate(s) or the CA you’ve signed them with into the certificate store of your browser.

See for an example.

(Jan Doberstein) #3

you might want to use the following script that helps you with creating the self signed certificates:

and gives you the ability to easily adopt the needed command to your own needs.


(Greg Smith) #4

@ jochen
Thank for your response, I did try to insert a certificate into Chrome, I still received the same error. I was not sure which certificate I should insert so, I download it from Chrome > Developer Tools > View certificate. This opens Certificate window > then clicked on tab called “Details” selected “all” , Click "Copy to File"then executed Still errors out.

(Greg Smith) #5

Thank for the tip on the Script, Unfortunately I’m still running into the same issue, Here is a couple of screen shots.
This was executing script “”

The results were the same as shown below,

Not sure what I’m doing wrong. Any advice would be appreciated.
NOTE: Also tried with adding Cert to Chrome

(Jan Doberstein) #6


its simple your hostname (you use in chrome) is and your certificate is only created for test-graylog.

correct that and it should work

(Greg Smith) #7

Fixed: :slight_smile:
Thanks again jan

(system) closed #8

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.