I am trying to set up SSL/TLS in Graylog by using the following documentation:
However, I am getting the following error response and I am unable to proceed further.
2021-03-29T14:49:36.164-05:00 WARN [ProxiedResource] Unable to call https ://192.168.255.238:9000/api/system/metrics/multiple on node <7449abff-806f-471a-84cd-adce278c59d8>: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed
I am using Ubuntu 18.04 + Graylog 4.0.5 + Nginx 1.14.0. I have added the self-signed certificate (cert.pem) to the keystore, and I used the command below to verify that the certificate is added.
root@graylog:/etc/ssl/certs/graylog# keytool -keystore cacerts.jks -storepass changeit -list
graylog-self-signed, Mar 29, 2021, trustedCertEntry,
Certificate fingerprint (SHA1): FD:41:B5:7D:5A:9A:11:EE:93:88:FE:C0:10:89:12:8B:B5:D2:D8:F6
and further I have added the new JVM truststore in the Graylog JAVAOPTS variable in the location
Please correct me if I am doing anything wrong and share your thoughts.
There could be several reasons why Graylog is complaining about your certificates. A couple that come to mind: Are the proper certificates being used? Can Graylog access the keystore? Was the correct certificate inserted in the keystore? Is the Graylog server.conf file configured correctly?
As a troubleshooting tip, have you tried not using Nginx as a reverse proxy and just running Graylog with HTTPS? The reason I ask is that someone else had a similar issue; it ended up being his Nginx configuration causing problems.
Alright, found the culprit. Accessing Graylog without passing through nginx indeed gives me a whole new user experience. A much better one, I may say.
The issue that sparked this topic, but also all the others I mentioned meanwhile, are gone in direct access.
Time to play around with my nginx config.
Thank you so much for the suggestion, Greg. Much appreciated.
As you can see there are many topics of HTTPS and TCP/TLS in the forum.
Hope this helps.
Thank you for your response. I will try accessing Graylog without passing through nginx.
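The reply above asks whether the correct certificate was inserted in the keystore. One way to check that, as an added example that is not part of any post in this thread: compare the fingerprint of the certificate served on the API port with the fingerprints `keytool -list` reports. The host, port, keystore name and listing come from the original post; the function names and the second fingerprint are constructed for illustration.

```shell
#!/bin/sh
# Added example: is the certificate served on the Graylog API port present
# in the JVM truststore? Function names here are illustrative.

# Reduce keytool/openssl fingerprint lines to bare upper-case hex, one per line.
normalize_fp() {
    sed 's/^.*[=)]//' | tr -d ': \t\r' | tr 'a-f' 'A-F'
}

# Fingerprints of every entry in `keytool -list` output read from stdin.
keystore_fingerprints() {
    grep -i 'fingerprint' | normalize_fp
}

# Fingerprint of the certificate actually served on host $1, port $2.
# Uses the network; pass sha256 as $3 if keytool prints SHA-256 fingerprints.
served_fingerprint() {
    openssl s_client -connect "$1:$2" </dev/null 2>/dev/null |
        openssl x509 -noout -fingerprint "-${3:-sha1}" | normalize_fp
}

# Exit 0 if fingerprint $1 matches an entry in the listing on stdin.
fingerprint_trusted() {
    want=$(printf '%s\n' "$1" | normalize_fp)
    [ -n "$want" ] || return 2
    keystore_fingerprints | grep -qx "$want"
}

# Listing copied from the keytool output in the original post.
SAMPLE_LISTING='graylog-self-signed, Mar 29, 2021, trustedCertEntry,
Certificate fingerprint (SHA1): FD:41:B5:7D:5A:9A:11:EE:93:88:FE:C0:10:89:12:8B:B5:D2:D8:F6'
# Constructed openssl-style line standing in for a different served certificate.
OTHER_CERT='SHA1 Fingerprint=00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33'

# Offline demo; live use would be:
#   keytool -keystore cacerts.jks -storepass changeit -list |
#       fingerprint_trusted "$(served_fingerprint 192.168.255.238 9000)"
if printf '%s\n' "$SAMPLE_LISTING" | fingerprint_trusted "$OTHER_CERT"; then
    echo "served certificate is in the truststore"
else
    echo "mismatch: truststore holds a different certificate"
fi
```

Running the same comparison against the Nginx listener as well shows which certificate each endpoint presents.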