Self-signed certificates

Luisj5231 · April 2, 2020, 12:39am

Hello again.
Using the TLS, things aren’t all clear for me. Does Graylog cannot work with self-signed certificates? Or what trick should I do?

If I use a self–signed certificate Graylog would say something like

pkix path validation failed … signature check failed

I understand tha is due to the lack of CA, but I kind of newbie about certificates.

Greetings

shoothub · April 2, 2020, 8:00am

Check doc, how to setup self-sign cert to truststore:

https://docs.graylog.org/en/3.2/pages/configuration/https.html#creating-a-self-signed-private-key-certificate
https://docs.graylog.org/en/3.2/pages/configuration/https.html#adding-a-self-signed-certificate-to-the-jvm-trust-store

Luisj5231 · April 2, 2020, 6:54pm

Well, I found my error, adding the CA to the key store,Where is the CA? I followed the docs, only have the files cacerts.jks, cert.pem and pkcs8-plain.pem.

gsmith · April 3, 2020, 3:55am

@Luisj5231
I dont know if this will help you but i found my solution here:

Luisj5231 · April 6, 2020, 5:47pm

In fact, found my error, it seems that I created the certs as root user, did it again as non root user and all Ok, thanks!

system · April 20, 2020, 5:47pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
HTTPS signature check failed Graylog Central (peer support)	3	969	April 13, 2021
Need help - Adding a self-signed certificate to the JVM trust store Graylog Central (peer support)	4	2275	April 5, 2017
Need help with setup commercial certificate in Graylog 4.1.x Graylog Central (peer support)	5	1526	October 20, 2021
Graylog TLS not working Graylog Central (peer support)	16	1263	September 1, 2021
HTTPS with single node and self signed cert Graylog Central (peer support)	7	1607	February 8, 2018

Self-signed certificates

Related topics