I just wanted to share my experience with the free enterprise license violation problem our organization was having. We have enabled HTTPS using a certificate from our enterprise PKI. We were regularly seeing the following warnings in the Graylog server.log in /var/log/graylog-server/ on a deployed OVA.
[LicenseChecker] License violation - Failed to report license status to Graylog, Inc. [LicenseChecker] License violation - Detected irregular traffic records
However, we were also sometimes seeing the following warning:
[LicenseReportPeriodical] Unable to connect to license server: unable to find valid certification path to requested target.
For us, the last warning was the key to solving the issue. It turns out that when HTTPS was enabled, the admin created a new java keystore instead of copying the default keystore. The Graylog documentation clearly states to copy the default keystore and add your certificate to it, not create a new keystore.
Once we reviewed and properly followed the instructions linked above, copying the keystore and adding our certificate to it, the enterprise license violation issue was resolved.
It’s important to note that we had tested connectivity to the API using curl and it worked fine. The issue was not connectivity but that the JVM couldn’t build a secure channel because the keystore didn’t have the required certificates. When you verify that your certificate thumbprint is in the keystore, also double check that your certificate is not the only one in the keystore.
I have seen a few posts about licensing issues but haven’t seen anyone post this experience, so I hope it’s helpful for others in the future.