Https key issue

Hi there,
I’m using letsencrypt and freshly installed graylog, now trying to secure it with https. Added the graylog.example.com domain, so certificate is ready to install. Then used the following command to convert certbot’s generated “pem” file to PKCS#8:

openssl pkcs8 -topk8 -inform PEM -outform PEM -in privkey.pem -out privkey-pkcs8.pem -nocrypt

I also tried similar versions, but I always end up with

ValidationException: Unreadable or missing HTTP private key: /etc/letsencrypt/live/example.com/privkey-pkcs8.pem

I’m aware this is a very basic step, but Google wouldn’t help me :upside_down_face: So what am I missing?

Thanks!

Can the graylog user actually read the /etc/letsencrypt/live/example.com/privkey-pkcs8.pem file?

Check your permissions. /etc/letsencrypt/live/ is locked down by default.

I’ve also never had to do anything to the certbot generated files to get HTTPS working.

1 Like

Indeed! I didn’t hink of graylog running under another account than root, because nginx “just works” without having to alter permissions. I should have thought of that x/

Thanks!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.