Running Graylog 3.1 .4 single server on RHEL 7.7 installed via the distro repo.
Most of my config is running ok but certain pages and links strangely fail to load. Going to Nodes shows 1 active node with “System information is currently unavailable” caption below it, clicking on the node gives me an error getting data page.
I have a few inputs configured which all show on the web interface as Not Running and no metrics available for this input, however I can see in the logs they are all running and receiving lots of data.
I am using tls with a wildcard certificate for https, both publish and external URI in server.conf point to the same https url. What I see in logs is every few seconds their is a:
WARN [ProxiedResource] Unable to call https://mywebsite:9000/apu/system/metrics/multiple on node … PKIX path building failed … unable to find valid certification path to requested target.
The certificate is CA signed and works ok for most of the web interface pages, the certificate is definetly in the OS cert store and also manually coped cacerts, added all certs in path to pem file and then added to the keystore and updated graylog jvm args to use new keystore but I still get the same error.
Can someone help as seems to be an issue specific to certain rest api calls “unable to find valid certification path” which makes no sense to me if it works for other web interface pages without this error. From some seearches I can see with 2.x version of Graylog a seperate rest api cert could be used but not availbable in 3.x otherwise I would try rest api with self-signed cert to see if that works.
thanks