Https key issue

Doidel · March 6, 2020, 10:35am

Hi there,
I’m using letsencrypt and freshly installed graylog, now trying to secure it with https. Added the graylog.example.com domain, so certificate is ready to install. Then used the following command to convert certbot’s generated “pem” file to PKCS#8:

openssl pkcs8 -topk8 -inform PEM -outform PEM -in privkey.pem -out privkey-pkcs8.pem -nocrypt

I also tried similar versions, but I always end up with

ValidationException: Unreadable or missing HTTP private key: /etc/letsencrypt/live/example.com/privkey-pkcs8.pem

I’m aware this is a very basic step, but Google wouldn’t help me So what am I missing?

Thanks!

Ponet · March 6, 2020, 10:58am

Can the graylog user actually read the /etc/letsencrypt/live/example.com/privkey-pkcs8.pem file?

Check your permissions. /etc/letsencrypt/live/ is locked down by default.

I’ve also never had to do anything to the certbot generated files to get HTTPS working.

Doidel · March 6, 2020, 11:29am

Indeed! I didn’t hink of graylog running under another account than root, because nginx “just works” without having to alter permissions. I should have thought of that x/

Thanks!

system · March 20, 2020, 11:29am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Graylog 3.2 HTTPS private key issue Graylog Central (peer support)	4	2159	May 29, 2020
Configuration HTTPS Graylog Central (peer support)	17	4172	April 26, 2018
Just another user struggling with HTTPS Graylog Central (peer support)	4	32	September 12, 2024
TLS Input Error Graylog Central (peer support)	3	534	April 6, 2021
Having issues enabling HTTPS on 3.2 Graylog Central (peer support)	5	857	March 17, 2020

Https key issue

Related Topics