Import internal certificate to java keystore in graylog container

So, I wanted to ask if there is a working solution to import an internal certificate (in my case, the one from my LDAP server) to the java keystore of the graylog container?

Thanks in advance! If you need anything to know about my setup (obviously graylog running on docker) let me know, I’ll provide it.

Hi Eisscherge, have you checked out the Graylog documentation on using HTTPS?

When you are configuring TLS, you need to make sure that your certificate/key files are in the right format, which is X.509 for certificates and PKCS#8 for the private keys. Both must to be stored in PEM format.

As long as the certificate and key are in the right format, exist in a java keystore on the server, your Graylog server is configured to use this specific keystore, and the certificate you want to use properly represents the Graylog server (server hostname or IP in the “CN” field, hostname in the DNS.1 SAN field, and IP in the IP.1 SAN field), the certificate should work.

Have you taken any steps to try this yet? If so, where does it go wrong and what errors are you seeing?

Hello,

Adding on to what @william suggested

If by chance your working with MSAD perhaps this documentation may also help.

Sorry, I didn’t specify my problem close enough. My Graylog instance runs on https with a certificate already.

I’m trying to connect an LDAP server for authentication, but the certificate issued for the LDAP server is not trusted by my Graylog container.

Hello,

I see, Perhaps this may help troubleshoot your issue.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.