Syslog TLS Input CERTIFICATE_UNKNOWN

I am trying to setup a standard syslog tcp input using TLS however I seem to be stuck with the following error:

(cause io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: error:10000416:SSL routines:OPENSSL_internal:SSLV3_ALERT_CERTIFICATE_UNKNOWN)

Input Config:
bind_address: 0.0.0.0
max_message_size: 2097152
number_worker_threads: 2
port: 5555
recv_buffer_size: 1048576
store_full_message: false
tcp_keepalive: false
tls_cert_file: /etc/graylog/server/certs/server.crt
tls_client_auth: optional
tls_client_auth_cert_file: /etc/graylog/server/certs/ca.crt
tls_enable: true
tls_key_file: /etc/graylog/server/certs/server-PKCS8.key
tls_key_password:********
use_null_delimiter: false

Any ideas on how to resolve this?

@teaton
What version of Graylog you using? Look like a cert problems from here.

Maybe take a look at this

https://docs.graylog.org/en/4.0/pages/configuration/https.html#using-https

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.