HTTPS isn't working for me


(Azamat) #1

Hello everyone!

I would appreciate it if someone could help me resolve this issue. I'm trying to set up HTTPS but I'm always getting "Jersey service failed" in the log. I converted our company's GoDaddy certificate to PKCS #12 (PFX) file to private key and certificate in PEM format.
My settings:
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
rest_listen_uri = https://10.205.8.35:9000/api/
rest_enable_tls = true
rest_tls_cert_file = /etc/graylog/server/graylog.pem
rest_tls_key_file = /etc/graylog/server/graylog.pem
rest_tls_key_password = xxx
web_listen_uri = https://10.205.8.35:9000/
web_enable_tls = true
web_tls_cert_file = /etc/graylog/server/graylog.pem
web_tls_key_file = /etc/graylog/server/graylog.pem
web_tls_key_password = xxx
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Default Java options for heap and garbage collection.

GRAYLOG_SERVER_JAVA_OPTS="-Xms1g -Xmx1g -XX:NewRatio=1 -server -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC -XX:-OmitStackTraceInFastThrow -Djavax.net.ssl.trustStore=/etc/graylog/server/cacerts.jks

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

2018-12-21T08:55:26.933-05:00 ERROR [ServerBootstrap] Graylog startup failed. Exiting. Exception was:
java.lang.IllegalStateException: Expected to be healthy after starting. The following services are not running: {FAILED=[JerseyService [FAILED]]}
at com.google.common.util.concurrent.ServiceManager$ServiceManagerState.checkHealthy(ServiceManager.java:741) ~[graylog.jar:?]
at com.google.common.util.concurrent.ServiceManager$ServiceManagerState.awaitHealthy(ServiceManager.java:553) ~[graylog.jar:?]
at com.google.common.util.concurrent.ServiceManager.awaitHealthy(ServiceManager.java:314) ~[graylog.jar:?]
at org.graylog2.bootstrap.ServerBootstrap.startCommand(ServerBootstrap.java:149) [graylog.jar:?]
at org.graylog2.bootstrap.CmdLineTool.run(CmdLineTool.java:209) [graylog.jar:?]
at org.graylog2.bootstrap.Main.main(Main.java:44) [graylog.jar:?]
Suppressed: com.google.common.util.concurrent.ServiceManager$FailedService: JerseyService [FAILED]
Caused by: java.io.IOException: ObjectIdentifier() -- data isn't an object ID (tag = 48)
at sun.security.util.ObjectIdentifier.<init>(ObjectIdentifier.java:257) ~[?:1.8.0_181]
at sun.security.util.DerInputStream.getOID(DerInputStream.java:314) ~[?:1.8.0_181]
at com.sun.crypto.provider.PBES2Parameters.engineInit(PBES2Parameters.java:267) ~[sunjce_provider.jar:1.8.0_181]
at java.security.AlgorithmParameters.init(AlgorithmParameters.java:293) ~[?:1.8.0_181]
at sun.security.x509.AlgorithmId.decodeParams(AlgorithmId.java:132) ~[?:1.8.0_181]
at sun.security.x509.AlgorithmId.<init>(AlgorithmId.java:114) ~[?:1.8.0_181]
at sun.security.x509.AlgorithmId.parse(AlgorithmId.java:372) ~[?:1.8.0_181]
at javax.crypto.EncryptedPrivateKeyInfo.<init>(EncryptedPrivateKeyInfo.java:95) ~[?:1.8.0_181]
at org.graylog2.shared.security.tls.PemKeyStore.generateKeySpec(PemKeyStore.java:69) ~[graylog.jar:?]
at org.graylog2.shared.security.tls.PemKeyStore.buildKeyStore(PemKeyStore.java:98) ~[graylog.jar:?]
at org.graylog2.shared.initializers.JerseyService.buildSslEngineConfigurator(JerseyService.java:384) ~[graylog.jar:?]
at org.graylog2.shared.initializers.JerseyService.startUpApi(JerseyService.java:207) ~[graylog.jar:?]
at org.graylog2.shared.initializers.JerseyService.startUp(JerseyService.java:141) ~[graylog.jar:?]
at com.google.common.util.concurrent.AbstractIdleService$DelegateService$1.run(AbstractIdleService.java:62) ~[graylog.jar:?]
at com.google.common.util.concurrent.Callables$4.run(Callables.java:119) ~[graylog.jar:?]
at java.lang.Thread.run(Thread.java:748) ~[?:1.8.0_181]
2018-12-21T08:55:26.935-05:00 INFO [Server] SIGNAL received. Shutting down.
2018-12-21T08:55:26.944-05:00 INFO [GracefulShutdown] Graceful shutdown initiated.
2018-12-21T08:55:26.945-05:00 INFO [GracefulShutdown] Node status: [Halting [LB:DEAD]]. Waiting <3sec> for possible load balancers to recognize state change.
2018-12-21T08:55:30.948-05:00 INFO [GracefulShutdown] Goodbye.
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Thanks!
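
The stack trace in the post above fails inside `PBES2Parameters` while `PemKeyStore` is parsing an `EncryptedPrivateKeyInfo`. As an added example (not part of the original post and not Graylog code), this Python sketch lists the PEM blocks in a file and reports the key-encryption scheme of any `ENCRYPTED PRIVATE KEY` block. The function names and the sample data are constructed for illustration.

```python
import base64
import re
PBES2_OID = "1.2.840.113549.1.5.13"  # id-PBES2 from PKCS #5 v2
PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", re.S)

def _tlv(buf, pos):  # read one DER TLV; return (tag, value_start, value_end)
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, pos, pos + length

def _oid(raw):  # decode OID content bytes (first arc 0 or 1) to dotted text
    arcs, val = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:                   # high bit clear ends this arc
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def encryption_oid(der):
    """encryptionAlgorithm OID of a PKCS #8 EncryptedPrivateKeyInfo."""
    t1, p1, _ = _tlv(der, 0)               # outer SEQUENCE
    t2, p2, _ = _tlv(der, p1)              # AlgorithmIdentifier SEQUENCE
    t3, p3, e3 = _tlv(der, p2)             # algorithm OBJECT IDENTIFIER
    if (t1, t2, t3) != (0x30, 0x30, 0x06):
        raise ValueError("not an EncryptedPrivateKeyInfo")
    return _oid(der[p3:e3])

def inspect_pem(text):
    """Return [(label, note)] for every PEM block found in text."""
    report = []
    for label, body in PEM_RE.findall(text):
        note = ""
        if label == "ENCRYPTED PRIVATE KEY":
            oid = encryption_oid(base64.b64decode("".join(body.split())))
            note = "PBES2" if oid == PBES2_OID else oid
        report.append((label, note))
    return report

def make_pem(label, der):  # PEM armor, used only to build the constructed sample
    return f"-----BEGIN {label}-----\n{base64.b64encode(der).decode()}\n-----END {label}-----\n"

# Constructed sample: placeholder certificate plus a minimal PBES2 key header.
SAMPLE = make_pem("CERTIFICATE", b"constructed") + make_pem(
    "ENCRYPTED PRIVATE KEY", bytes.fromhex("3011300d06092a864886f70d01050d30000400"))
```

Calling `inspect_pem(open(path).read())` on the file named in `rest_tls_key_file` shows whether it holds both a certificate and a key, and whether that key is PBES2-encrypted, without printing any key material.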


(system) #2

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.