- openssl req -x509 -days 365 -nodes -newkey rsa:2048 -config openssl-graylog.cnf -keyout pkcs5-plain.pem -out cert.pem
- openssl pkcs8 -in pkcs5-plain.pem -topk8 -nocrypt -out pkcs8-plain.pem
- openssl pkcs8 -in pkcs5-plain.pem -topk8 -out pkcs8-encrypted.pem -passout pass:secret
After that I copied the .pem files to my Graylog container. After this, I added the certs to the Java keystore:
- keytool -importcert -keystore /usr/share/graylog/certs/ -storepass secret -alias graylog-self-signed -file cert.pem
And in the container I edited the .conf file, enabling HTTPS and editing the http_publish_uri, adding the s to the http:
# Enable HTTPS support for the HTTP interface.
# This secures the communication with the HTTP interface with TLS to prevent request forgery and eavesdropping.
http_enable_tls = true
# The X.509 certificate chain file in PEM format to use for securing the HTTP interface.
http_tls_cert_file = /path/to/graylog-certificate.pem
# The PKCS#8 private key file in PEM format to use for securing the HTTP interface.
http_tls_key_file = /path/to/graylog-key.pem
# The password to unlock the private key used for securing the HTTP interface. (if key is encrypted)
http_tls_key_password = secret
Finally I restarted the container to apply the changes. Graylog seems to be OK, but in the browser the https is not appearing and I'm receiving this message in the Docker logs:
WARN : org.graylog2.shared.rest.resources.ProxiedResource - Unable to call https://192.168.1.1:9000/api/system/inputstates on node <978f7e2e-316c-4799-884a-7d4ad3720347>: connect timed out
This container lives on a remote server. I exposed Graylog with some DNS using Nginx. I think that my problem has to do with this, but I'm not realizing how to expose it with https.
Is Nginx unnecessary? Or how should I configure Nginx in order to expose Graylog as https?
I also understand that the log refers to the communication between Graylog and Elasticsearch, but I don't know how to solve it.
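
The following shell functions are an added example, not part of the original post. They check the PEM files produced by the openssl commands above before `http_tls_cert_file` and `http_tls_key_file` are pointed at them: which container the key uses (the config comment asks for PKCS#8), whether the key belongs to the certificate, and whether the certificate covers a given IP address. The function names, `sample.cnf` and its CN are constructed for illustration, since the post's openssl-graylog.cnf is not shown.

```shell
#!/bin/sh
# Added example: sanity-check the PEM files before Graylog is pointed at them.

# key_format FILE: report the private key container from its PEM header.
key_format() {
    case "$(head -n 1 "$1")" in
        "-----BEGIN PRIVATE KEY-----")           echo pkcs8-plain ;;
        "-----BEGIN ENCRYPTED PRIVATE KEY-----") echo pkcs8-encrypted ;;
        "-----BEGIN RSA PRIVATE KEY-----")       echo traditional-rsa ;;
        *)                                       echo unknown ;;
    esac
}

# pair_matches CERT KEY [PASSWORD]: succeed only if KEY belongs to CERT.
# The password is passed through the environment, not the argument list.
pair_matches() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
    key_pub=$(KEYPASS="${3:-}" openssl pkey -in "$2" -passin env:KEYPASS \
        -pubout 2>/dev/null) || return 2
    [ "$cert_pub" = "$key_pub" ]
}

# cert_covers_ip CERT IP: succeed if IP is listed in the certificate's SANs.
cert_covers_ip() {
    openssl x509 -in "$1" -noout -checkip "$2" 2>&1 | grep -q "does match"
}

# make_sample DIR: constructed test material that mirrors the post's commands.
# The config is an assumption; the post's openssl-graylog.cnf is not shown.
make_sample() {
    cat > "$1/sample.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = ext
prompt = no
[dn]
CN = graylog.example.org
[ext]
subjectAltName = IP:192.168.1.1
EOF
    openssl req -x509 -days 365 -nodes -newkey rsa:2048 -config "$1/sample.cnf" \
        -keyout "$1/key.pem" -out "$1/cert.pem" 2>/dev/null
    openssl pkcs8 -in "$1/key.pem" -topk8 -nocrypt -out "$1/pkcs8-plain.pem"
    openssl pkcs8 -in "$1/key.pem" -topk8 -out "$1/pkcs8-encrypted.pem" \
        -passout pass:secret
}
```

Run `make_sample` against a scratch directory to try the checks, or call the three check functions directly on the files copied into the container.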