1. Describe your incident:
When I started using HTTPS, the inputs show NOT RUNNING, and cannot get any information under System >> nodes.
In GrayLog logs, I see this error:
2024-02-08T15:19:31.044-08:00 WARN [ProxiedResource] Failed to call API on node <68836b-22b8-4ab8-8220-be9c3c5e>, cause: None of the TrustManagers trust this certificate chain.
2. Describe your environment:
- OS Information:
NAME=“Ubuntu”
VERSION_ID=“22.04”
VERSION=“22.04.3 LTS (Jammy Jellyfish)”
I have Graylog & mongo DB installed in one machine and OpenSearch installed in another Machine.
GrayLog Version 5.2
OpenSearch Version 2.5.0
MongoDB Version 6.0
To use HTTPS and followed most of the steps in this Doc:
How-To Guide: Securing Graylog with TLS
I am using a signed certificate.
/etc/graylog/server/server.conf
is_leader = true
node_id_file = /etc/graylog/server/node-id
password_secret = 3NMgmBM882QyH5O5A0ijvVqETT1sUGHQC0upxZm-gBSVExAdEVAdjKwWws9aZWJNsJ0xHv
root_password_sha2 = 4cc4f40ea6fc42988a826c6b2b9690286feaff7753
root_timezone = America/Los_Angeles
bin_dir = /usr/share/graylog-server/bin
data_dir = /var/lib/graylog-server
plugin_dir = /usr/share/graylog-server/plugin
http_bind_address = 0.0.0.0:443
http_publish_uri = https://lab.domain.com
http_enable_cors = true
http_enable_tls = true
http_tls_cert_file = /opt/graylog/tls/certificate.pem
http_tls_key_file = /opt/graylog/tls/private.pem
http_tls_key_password = secret
stream_aware_field_types=false
/etc/default/graylog-server
GRAYLOG_SERVER_JAVA_OPTS=“-Xms2g -Xmx2g -server -XX:+UseG1GC -XX:-OmitStackTraceInFastThrow -Djavax.net.ssl.trustStore=/etc/graylog/graylog.jks -Djavax.net.ssl.trustStorePassword=secret”
I already imported the cert.
3. What steps have you already taken to try and solve the problem?
followed the steps in above document
Read a few community posts, but no help so far.
4. How can the community help?
Need help how to fix this error:
Failed to call API on node <68836b-22b8-4ab8-8220-be9c3c5e>, cause: None of the TrustManagers trust this certificate chain.
Thank you