I have three node setup, lets say its:
server1.graylog.mydomain.com
server2.graylog.mydomain.com
server3.graylog.mydomain.com
in front of them i have a network load balancer graylog.mydomain.com
I have two signed certificates for
*.graylog.mydomain.com
and
my setup:
rest_listen_uri = https://server1.graylog.mydomain.com:12900/api/
rest_transport_uri = https://server1.graylog.mydomain.com:12900/api/
rest_listen_uri = https://server2.graylog.mydomain.com:12900/api/
rest_transport_uri = https://server2.graylog.mydomain.com:12900/api/
rest_listen_uri = https://server3.graylog.mydomain.com:12900/api/
rest_transport_uri = https://server3.graylog.mydomain.com:12900/api/
with *.graylog.mydomain.com certificate
AND
web_listen_uri = https://graylog.mydomain.com:9000/
web_endpoint_uri = https://graylog.mydomain.com:12900/api/
with graylog.mydomain.com certificate
When I access the web ui with https://graylog.mydomain.com (443->9000)
it works fine except:
graylog.mydomain.com:12900 uses an invalid security certificate.
The certificate is not valid for the name graylog.mydomain.com.
Error code: SSL_ERROR_BAD_CERT_DOMAIN
I add exception and everything is perfectly fine. I understand that my cert *.graylog.mydomain.com is not suitable for the request. server3.graylog.mydomain.com and so on is not registered in my DNS, do i have to register this to get it working? (what web_endpoint_uri would i need to setup?) Is this possible to configure this only withing graylog configuration?
I would like to have valid ssl between nodes and in web ui.