I’m trying to get HTTPS setup on a dev machine. I’m using a
Vagrantfile from the docs to spin up a VM for testing. I have created a cert and pkcs8 encrypted private key from the commands in the docs.
openssl req -x509 -days 365 -nodes -newkey rsa:2048 -config openssl-graylog.cnf -keyout pkcs5-plain.pem -out cert.pem
Then convert the pkcs5 key into a pkcs8 encrypted key using
openssl pkcs8 -in pkcs5-plain.pem -topk8 -nocrypt -out pkcs8-plain.pem followed by:
openssl pkcs8 -in pkcs5-plain.pem -topk8 -out pkcs8-encrypted.pem -passout pass:secret
So now I have a proper key and self signed cert.
In the VM, I don’t have a
/etc/graylog/server/server.conf file but I do have a
/opt/graylog/conf/graylog.conf file and a
/opt/graylog/server/graylog.conf.example file. Does graylog use the file in /opt/graylog/conf/graylog.conf by default or do I need to copy the file in
After modifying the appropriate configuration file, do I
sudo graylog-ctl reconfigure then
sudo graylog-ctl restart?
Do I also have to move the self signed keys to
/opt/graylog/conf/nginx/ca with the appropriate names: graylog.crt and graylog.key?
Why does the documentation use *.pem files and the configuration files use *.crt and *.key files