Hi All,
I am trying to setup the SSL/TLS in graylog by using the following documentation:
- https://docs.graylog.org/en/3.0/pages/configuration/https.html#ssl-setup
- Graylog3 with https (easy tutorial)
but however i am getting the following error response and I am unable to proceed further.
2021-03-29T14:49:36.164-05:00 WARN [ProxiedResource] Unable to call https ://192.168.255.238:9000/api/system/metrics/multiple on node <7449abff-806f-471a-84cd-adce278c59d8>: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed
I am using Ubuntu 18.04 + Graylog 4.0.5 + Nginx 1.14.0 and I have added the self signed certificate (cert.pem) to the keystore and I used the below command to verified that certificate is added.
root@graylog:/etc/ssl/certs/graylog# keytool -keystore cacerts.jks -storepass changeit -list
graylog-self-signed, Mar 29, 2021, trustedCertEntry,
Certificate fingerprint (SHA1): FD:41:B5:7D:5A:9A:11:EE:93:88:FE:C0:10:89:12:8B:B5:D2:D8:F6
and further I have added the new JVM truststore in the Graylog JAVAOPTS variable in the location (/etc/default/graylog-server)
Please correct me if I am doing anything wrong and share your thoughts.
Regards,
Tomás