Odd thing happen after enable https

my graylog is refer the docker-compose file from graylog document center.
all run in one container.
then I modify below setting to enable the https:
at compose file:
- GRAYLOG_HTTP_EXTERNAL_URI=https://xxxxxxxxxx:9000/

at graylog.conf
http_enable_tls = true
http_tls_cert_file = /usr/share/graylog/ssl/graylog.crt
http_tls_key_file = /usr/share/graylog/ssl/graylog.key

and then I am able to login the graylog web interface via https, and able to recevie and search the log which send from other servers.

if I go to system–> nodes
I not able to get the node info : System information is currently unavailable.

BUT IF I remove the above https setting, everthing back to normal

I wondering did I miss something ?

did I need set sth at es or mangodb container ?

I wondering did I miss something ?

without sharing the complete configuration it would be only guessing what might be wrong.

But I guess that you have a self signed certificate and Graylog is not able to identify/check the certificate and throw an error … but that is only guessing.

hey Jan, thanks for your reply.
the cert is issued by DigiCert, not self signed. since cert is from DigiCert , So I did not set any JVM trust store or key store…(not sure if a problem)

the docker-compose file is below:
version: ‘2’

    restart: always
    image: mongo:3
      - mongo_data:/data/db
     indent preformatted text by 4 spaces
    restart: always
    image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.8.2
      - es_data:/usr/share/elasticsearch/data
      - http.host=
      - transport.host=localhost
      - network.host=
      - "ES_JAVA_OPTS=-Xms1024m -Xmx1024m"
        soft: -1
        hard: -1
    mem_limit: 1g
  # Graylog: https://hub.docker.com/r/graylog/graylog/
    restart: always
    image: graylog/graylog:3.1.2
      - graylog_journal:/usr/share/graylog/data/journal
      - /graylog/ssl/:/usr/share/graylog/ssl/
      - /graylog/graylog.conf:/usr/share/graylog/data/config/graylog.conf
      # CHANGE ME (must be at least 16 characters)!
      - GRAYLOG_PASSWORD_SECRET=somepasswordpepper
      # Password: admin
      - GRAYLOG_ROOT_PASSWORD_SHA2=xxxxxxxxxxxx         
      - GRAYLOG_HTTP_EXTERNAL_URI=https://log.xxxxx.com:9000/
      - root_timezone=Asia/Shanghai
      - mongodb:mongo
      - elasticsearch
      - mongodb
      - elasticsearch
      # Graylog web interface and REST API
      - 9000:9000
      # Syslog TCP
      - 1514:1514
      # Syslog UDP
      - 1514:1514/udp
      # GELF TCP
      - 12201:12201
      # GELF UDP
      - 12201:12201/udp
      - 5044:5044
      - 5044:5044/udp
      - 514:514
      - 514:514/udp
      - 443:443

    driver: local
    driver: local
    driver: local

the graylog.conf :

is_master = true
node_id_file = /usr/share/graylog/data/config/node-id
password_secret = replacethiswithyourownsecret!
root_password_sha2 = xxxxxxxxxxxxxxxx
root_timezone = Asia/Hong_Kong
plugin_dir = /usr/share/graylog/plugin
http_bind_address =
http_enable_tls = true
http_tls_cert_file = /usr/share/graylog/ssl/graylog.crt
http_tls_key_file = /usr/share/graylog/ssl/graylog.key
elasticsearch_hosts = http://elasticsearch:9200
allow_leading_wildcard_searches = false
allow_highlighting = false
output_batch_size = 500
output_flush_interval = 1
output_fault_count_threshold = 5
output_fault_penalty_seconds = 30
processbuffer_processors = 5
outputbuffer_processors = 3
processor_wait_strategy = blocking
ring_size = 65536
inputbuffer_ring_size = 65536
inputbuffer_processors = 2
inputbuffer_wait_strategy = blocking
message_journal_enabled = true
message_journal_dir = /usr/share/graylog/data/journal
lb_recognition_period_seconds = 3
mongodb_uri = mongodb://mongo/graylog
mongodb_max_connections = 100
mongodb_threads_allowed_to_block_multiplier = 5
content_packs_loader_enabled = true
content_packs_dir = /usr/share/graylog/data/contentpacks
content_packs_auto_load = grok-patterns.json
proxied_requests_thread_pool_size = 32

I would not mix environmental settings and configuration settings. Use either or but not both.

whats that meaing? I can get it…

you have some settings done in your docker-compose via environmental settings and in addition you have a Graylog server.conf.

I would use either or - making all settings via environmental settings OR all settings via configuration file.

I remove all the "environment properties " in graylog section in docker-compose file.
and then add the same setting on the graylog.conf . But still got the same error

what settings exactly you have in the Graylog configuration? the http_* settings are the important ones…

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.