Syslog TLS Input CERTIFICATE_UNKNOWN

teaton · February 18, 2021, 1:35pm

I am trying to setup a standard syslog tcp input using TLS however I seem to be stuck with the following error:

(cause io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: error:10000416:SSL routines:OPENSSL_internal:SSLV3_ALERT_CERTIFICATE_UNKNOWN)

Input Config:
bind_address: 0.0.0.0
max_message_size: 2097152
number_worker_threads: 2
port: 5555
recv_buffer_size: 1048576
store_full_message: false
tcp_keepalive: false
tls_cert_file: /etc/graylog/server/certs/server.crt
tls_client_auth: optional
tls_client_auth_cert_file: /etc/graylog/server/certs/ca.crt
tls_enable: true
tls_key_file: /etc/graylog/server/certs/server-PKCS8.key
tls_key_password:********
use_null_delimiter: false

Any ideas on how to resolve this?

gsmith · February 18, 2021, 10:38pm

@teaton
What version of Graylog you using? Look like a cert problems from here.

Maybe take a look at this

https://docs.graylog.org/en/4.0/pages/configuration/https.html#using-https

system · March 4, 2021, 10:38pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Graylog TLS Input setup questions Graylog Central (peer support)	1	182	March 6, 2024
Graylog TLS Input Graylog Central (peer support)	2	305	November 22, 2023
TLS for an Input Graylog Central (peer support)	3	147	May 25, 2024
TLS Input created Graylog Central (peer support)	5	1325	May 21, 2020
Setting up TLS Client Auth Trusted Cert for Graylog Input Graylog Central (peer support)	1	2322	June 23, 2017

Syslog TLS Input CERTIFICATE_UNKNOWN

Related Topics