Hello @jimbrew
I’ll be honest when I first did this it was difficult to understand, perhaps I could shed some light on this.
I believe this is a combo of configuration and perhaps the certificates.
If your trying to use HTTPS on the Web UI then you would need to follow something like this.
If you get that to work you can also use the two certificate made from that documentation for your INPUTS.
The working directory should now contain the PKCS#8 private key (graylog-key.pem) and the X.509 certificate (graylog-certificate.pem) to be used with Graylog.
If your unfamiliar with how certificates and keystore work, I would suggest placing those two certs in your Graylog Directory since Graylog owns its directory, as for Docker I believe Graylogs PID is 1100.
Here is an example of HTTPS config
http_bind_address = graylog.domain.com:9000
http_publish_uri = https://graylog.domain.com:9000/
http_enable_cors = true
http_enable_tls = true
http_tls_cert_file = /etc/pki/tls/certs/graylog/graylog-certificate.pem
http_tls_key_file = /etc/pki/tls/certs/graylog/graylog-key.pem
http_tls_key_password = secret
Input used.
So to sum it up…
I created certificates for my Graylog instance using HTTPS , then I used those two certs for my input as shown above. This is only a demonstration of what could be done. In my Prod I would use different certificates for my inputs. This is definitely a learning experience.
Here is some add info, not sure if you have seen these posts.
Hope that helps