I mostly followed these instructions to create to configure SSL: http://www.hospitableit.com/howto/setting-up-a-centralised-log-server-using-graylog-on-ubuntu-16-04-lts-part-two/
- openssl genrsa -aes128 -out graylog.key 4096
- openssl req -sha256 -key graylog.key -new -out graylog.csr -config graylog.cnf
- openssl pkcs8 -in graylog.key -topk8 -out graylogPKCS8.key
- keytool -import -trustcacerts -file /etc/ssl/certs/graylog.crt -alias ComodoCA -keystore /etc/graylog/cacerts.jks
- keytool -list -v -keystore /etc/graylog/cacerts.jks
Graylog isn’t starting and I’m getting this error. Seems like I have all the files in place. Any advice?
2020-02-18T09:07:45.713-05:00 ERROR [ServerBootstrap] Graylog startup failed. Exiting. Exception was:
java.lang.IllegalStateException: Expected to be healthy after starting. The following services are not running: {FAILED=[JerseyService [FAILED]]}
at com.google.common.util.concurrent.ServiceManager$ServiceManagerState.checkHealthy(ServiceManager.java:741) ~[graylog.jar:?]
at com.google.common.util.concurrent.ServiceManager$ServiceManagerState.awaitHealthy(ServiceManager.java:553) ~[graylog.jar:?]
at com.google.common.util.concurrent.ServiceManager.awaitHealthy(ServiceManager.java:314) ~[graylog.jar:?]
at org.graylog2.bootstrap.ServerBootstrap.startCommand(ServerBootstrap.java:148) [graylog.jar:?]
at org.graylog2.bootstrap.CmdLineTool.run(CmdLineTool.java:210) [graylog.jar:?]
at org.graylog2.bootstrap.Main.main(Main.java:50) [graylog.jar:?]
Suppressed: com.google.common.util.concurrent.ServiceManager$FailedService: JerseyService [FAILED]
Caused by: java.io.IOException: ObjectIdentifier() -- data isn't an object ID (tag = 48)
at sun.security.util.ObjectIdentifier.<init>(ObjectIdentifier.java:257) ~[?:1.8.0_242]
at sun.security.util.DerInputStream.getOID(DerInputStream.java:314) ~[?:1.8.0_242]
at com.sun.crypto.provider.PBES2Parameters.engineInit(PBES2Parameters.java:267) ~[sunjce_provider.jar:1.8.0_242]
at java.security.AlgorithmParameters.init(AlgorithmParameters.java:293) ~[?:1.8.0_242]
at sun.security.x509.AlgorithmId.decodeParams(AlgorithmId.java:132) ~[?:1.8.0_242]
at sun.security.x509.AlgorithmId.<init>(AlgorithmId.java:114) ~[?:1.8.0_242]
at sun.security.x509.AlgorithmId.parse(AlgorithmId.java:372) ~[?:1.8.0_242]
at javax.crypto.EncryptedPrivateKeyInfo.<init>(EncryptedPrivateKeyInfo.java:95) ~[?:1.8.0_242]
at org.graylog2.shared.security.tls.PemKeyStore.generateKeySpec(PemKeyStore.java:69) ~[graylog.jar:?]
at org.graylog2.shared.security.tls.PemKeyStore.buildKeyStore(PemKeyStore.java:98) ~[graylog.jar:?]
at org.graylog2.shared.initializers.JerseyService.buildSslEngineConfigurator(JerseyService.java:347) ~[graylog.jar:?]
at org.graylog2.shared.initializers.JerseyService.startUpApi(JerseyService.java:172) ~[graylog.jar:?]
at org.graylog2.shared.initializers.JerseyService.startUp(JerseyService.java:146) ~[graylog.jar:?]
at com.google.common.util.concurrent.AbstractIdleService$DelegateService$1.run(AbstractIdleService.java:62) ~[graylog.jar:?]
at com.google.common.util.concurrent.Callables$4.run(Callables.java:119) ~[graylog.jar:?]
at java.lang.Thread.run(Thread.java:748) ~[?:1.8.0_242]
2020-02-18T09:07:45.715-05:00 INFO [Server] SIGNAL received. Shutting down.
2020-02-18T09:07:45.719-05:00 INFO [GracefulShutdown] Graceful shutdown initiated.
2020-02-18T09:07:45.719-05:00 INFO [GracefulShutdown] Node status: [Halting [LB:DEAD]]. Waiting <3sec> for possible load balancers to recognize state change.
2020-02-18T09:07:49.721-05:00 INFO [GracefulShutdown] Goodbye.