OVA not listening/refusing connection on 443

(João Ciocca) #1

I’m trying to find out why, but sidecar can’t connect to Graylog anymore - its OVA is set up on

time="2017-06-09T23:16:20-03:00" level=error msg="[RequestConfiguration] Fetching configuration failed: Get dial tcp connectex: Nenhuma conexão pôde ser feita porque a máquina de destino as recusou ativamente." 

(that message at the end translates to “No connection could be made because the target machine actively refused it”)
When I tried netstat or ss, nothing was listening on 443, which explains why the connection was refused…

Any ideas where I could look for what’s going on? Shouldn’t 443 be listening by default on OVA?

(Jan Doberstein) #2

The appliance is listening by default on port 80 (http) and you need to create certificates and actively enable https (port 443).

See the documentation here

(João Ciocca) #3

I could swear I’ve read somewhere that OVA already came with self-signed certificates created and applied, and SSL on by default. Still, why do I need https on sidecar (I’m testing, not on production, I fully understand the point of enforcing on production)? Is there no way to make sidecar communicate with Graylog through http/80?

(João Ciocca) #4

As I’ve mentioned on my last post on the other topic, where I reviewed the whole scenario…

I created a self-signed certificate. VM sidecar works, notebook sidecar complains that “x509: certificate signed by unknown authority”

(João Ciocca) #5

“tls_skip_verify: true”

changed to false, it’s working now. I think we should leave this post here for when my bad memory strikes and I forget about this…

(Jan Doberstein) #6

Just to have it said - you can also use http for sidecar to Graylog connection.

(João Ciocca) #7

I’m not working right now, but I’ll check to see about that - now that you’ve mentioned that, I think server in collector_sidecar.yml is set to https. Anyway, my next move in testing will be to integrate letsencrypt…

Yeah, changing connection from https://ip:443/api to http://ip:9000/api worked too. Feeling pretty dumb about it now, you know? But thanks! =)
