I want to secure my graylog server web interface with apache.
I configured my apache configuration file in https but when I navigate to url with the name of my server, it shows me the default apache page, which is well secured with my certificate.
Someone to help me please!
This is my apache configuration apache:
<VirtualHost *:80>
ServerName domainname
ServerAlias www.domainname
# Redirection 301 vers le site en HTTPS
Redirect permanent / https:/domainname/
</VirtualHost>
<VirtualHost *:443>
DocumentRoot /var/www/html/
ServerName domainname
ServerAlias www.domainname
# <Directory />
# Options -Indexes +FollowSymLinks +MultiViews
# AllowOverride none
# Require all granted
# </Directory>
# directives obligatoires pour TLS
SSLEngine on
SSLCertificateFile /etc/ssl/
SSLCertificateKeyFile /etc/ssl/
ErrorLog /var/log/apache2/error.example.com.log
CustomLog /var/log/apache2/access.example.com.log combined
</VirtualHost>
I have a question to answer you.
I want to known if i finish to configure my graylog web interface in https.
Do i must to uncomment these lines in graylog config file?
# Enable HTTPS support for the HTTP interface.
# This secures the communication with the HTTP interface with TLS to prevent request forgery and eavesdropping.
http_enable_tls = true
# The X.509 certificate chain file in PEM format to use for securing the HTTP interface.
http_tls_cert_file = /path/to/graylog-certificate.pem
# The PKCS#8 private key file in PEM format to use for securing the HTTP interface.
http_tls_key_file = /path/to/graylog-key.pem
# The password to unlock the private key used for securing the HTTP interface. (if key is encrypted)
http_tls_key_password = secret