So I can pull up the GUI using https and even show the valid certificate. I can create inputs but cannot start any inputs. I get the following error:
2019-02-28T12:37:43.528-05:00 WARN [ProxiedResource] Unable to call https://10.20.30.40:9000/api/system/inputstates on node <535aff1b-6b40-4208-bea5-827a6f560497>
javax.net.ssl.SSLPeerUnverifiedException: Hostname 10.20.30.40 not verified:
certificate: sha256/RjIlKT792ohmSxPEr6P3Md60UwEqR8LA7OI39LEOVvc=
DN: CN=graylog.example.com, OU=IT1, O=Mine, L=Any, ST=Confused, C=US
subjectAltNames: [graylog.example.com, greylog.example.com]
How can I change the behaviour to use the hostname instead of the IP?
I also have this log entry:
2019-02-28T12:40:05.340-05:00 WARN [AbstractTcpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogTCPInput{title=syslog_tcp_5141_linux, type=org.graylog2.inputs.syslog.tcp.SyslogTCPInput, nodeId=null} (channel [id: 0xdd8633b3, L:/0:0:0:0:0:0:0:0:5141]) should be 1048576 but is 212992.
When I look in the GUI, the Receive Buffer Size is set to: 1048576; is it defined else or am I looking in the wrong place?
Your created certificate does not include the IP of your Graylog - but that IP is used in the Graylog configuration that is why the certificate can’t be used for communication using the IP.
Thanks, in previous graylog versions I didn’t need to have SANs for the IP address in my certificate. Is there somewhere I can override this within my config?
I do have this behind an HAProxy server. I compared the graylog 3.0 documentation for running as such and also compared against my 2.x graylog environment.
Thanks, I recut the certificate to include the individual nodes in the SubjectAltNames (SAN) in addition to the load balanced name and added the following to /etc/graylog/server/server.conf:
