Hi,
I am new to Graylog and I am trying to:
- Setup HTTPS access to the webconsole
- Encrypt incoming beats logs
Im currently stuck at #1. My deployment is on Azure. I have not change much on the server.conf file.
The server is current up and is reachable via HTTP only.
Here’s a snippet of my HTTPS settings server.conf (let me know if I need to include more info)
################
# HTTPS settings
################
#### Enable HTTPS support for the HTTP interface
#
# This secures the communication with the HTTP interface with TLS to prevent request forgery and eavesdropping.
#
# Default: false
#http_enable_tls = true
# The X.509 certificate chain file in PEM format to use for securing the HTTP interface.
#http_tls_cert_file = /path/to/graylog.crt
# The PKCS#8 private key file in PEM format to use for securing the HTTP interface.
#http_tls_key_file = /path/to/graylog.key
# The password to unlock the private key used for securing the HTTP interface.
#http_tls_key_password = secret
right now I have:
- the CA buntdle file
- Security certificate (.crt file)
- pkcs #7 file (.p7b)
If I understand this correctly, I should convert the pkcs #7 file to a pkcs#8? Is this possible?
After that, to apply the certificates, do I just copy them on the server and update the server.conf HTTPS setting to point to them?