Https problem - 502 bad gateway

hello
After change to https web interface I had an error - 502 bad gateway:

Can you help me, what is wrong in this configuration:

graylog:
server.conf:

rest_listen_uri=http://10.1.4.108:12900/
rest_transport_uri=http://10.1.4.108:12900/
web_listen_uri = http://10.1.4.108:9000/
web_endpoint_uri = http://10.1.4.108:9000/api

nginx.conf:

server {
    listen 80;
    return 301 https://$host$request_uri;
}

server {

    listen 443;
    server_name 10.1.4.108;

    ssl_certificate           /root/graylog.pem;
    ssl_certificate_key       /root/key_pk8.pem;

    ssl on;
    ssl_session_cache  builtin:1000  shared:SSL:10m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;

   
    location / {

	proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header    Host $http_host;
        proxy_set_header    X-Graylog-Server-URL https://10.1.4.108/api;
        proxy_pass          http://10.1.4.108:9000;
	proxy_read_timeout  90;
    }

   location /api/ {
        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header    Host $http_host;
        proxy_pass          http://10.1.4.108:12900/;
      }
}

thx in advance for your help :slight_smile: :slight_smile: :slight_smile:

What’s the output of the following curl commands when you run them on the same machine running nginx?

$ curl -i -H 'Accept: application/json' 'http://10.1.4.108:12900/?pretty=true'
$ curl -i -H 'Accept: text/html' 'http://10.1.4.108:9000/'

damn … :frowning:

Failed connect to 10.1.4.108:12900; Connection refused

Failed connect to 10.1.4.108:9000; Connection refused

what should I do next ? :slight_smile:

Is 10.1.4.108 the correct IP address?
Is nginx running on the same machine as Graylog?

  1. yes
  2. yes

If nginx is running on the same machine, you can simply use the defaults of rest_listen_uri, rest_transport_uri, and web_listen_uri.

What’s the output of the following commands:

$ ip addr show
$ netstat -tulpen
$ ping -c 1 10.1.4.108

everything works:

inet 10.1.4.108/24

tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 0 34831 4398/nginx: master
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 0 34832 4398/nginx: master

64 bytes from 10.1.4.108: icmp_seq=1 ttl=64 time=0.017 ms

Firewall is off

Please post the complete output of each command.

It looks like Graylog isn’t running on that system. Check the logs of your Graylog node.

of course graylog-server, mongodb, elasticsearch, nginx) are running.

# systemctl status graylog-server.service
● graylog-server.service - Graylog server
   Loaded: loaded (/usr/lib/systemd/system/graylog-server.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2017-07-18 10:17:48 CEST; 410ms ago
     Docs: http://docs.graylog.org/
 Main PID: 14234 (graylog-server)
   CGroup: /system.slice/graylog-server.service
           ├─14234 /bin/sh /usr/share/graylog-server/bin/graylog-server
           └─14235 /usr/bin/java -Xms1g -Xmx1g -XX:NewRatio=1 -server -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled...

everything works when I return to http configuration.

Maybe sth is wrong with my nginx config?

Check the logs of your Graylog node. It sure wasn’t bound to the configured network interface, according to the output of the previous commands I’ve told you.

I checked it. I cannot see the reason in logs … everythings see ok …

Sorry, but I can’t help you if you don’t provide the necessary information, such as the unabridged output of the commands I’ve asked for and the unabridged logs of your Graylog node.

I’ve also told you that you could use the default settings for various configuration settings. Have you tried that?

:slight_smile: Do you have a sample cofiguration of nginx of graylog on 443? (nginx.conf file) if yes can you send me it?

See http://docs.graylog.org/en/2.2/pages/configuration/web_interface.html#nginx

do you think that my configuration of ngix is ok ?

Since http://10.1.4.108:12900/ and http://10.1.4.108:9000/ are obviously not reachable from the machine running nginx, it’s probably wrong.

probably ur firewall is blocking the connection request.

everything is all_in_one : nginx and graylog, firewall is turned off

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.