Unable to log in - 404 cannot POST



I have been following the aws guide - http://docs.graylog.org/en/2.3/pages/installation/aws.html

I launched from the AMI and ran the commands

sugo graylog-ctl reconfigure
sudo graylog-ctl set-external-ip http://<ip>:9000/api/

At this point I went to http://< ip > and was able to login using the default admin account which took me to the getting started screen

I went back to the server and ran

sudo graylog-ctl enforce-ssl
sudo graylog-ctl reconfigure

sudo graylog-ctl set-external-ip https://<ip>:443/api
sudo graylog-ctl reconfigure

When I go to https://< ip > the login box appears. I can see in the firefox developer tools that it is continuously hitting https://< ip >/api/ and returning 200 OK and receiving a json object with cluster_id, node_id, version and tagline.

However when ever I try to login using the default admin account I receive error

Error - the server returned: 404 - cannot POST https://<ip>/api/system/sessions (404)

As the instructions only require these commands to be run and I can see the webpage successfully hitting /api/ I figured that I did not mess up the configuration.

Would anybody be able to point me in the right direction to fix this issue?


(Jochen) #2

Enabling HTTPS on the OVA (AMI) is pretty much a single command, see http://docs.graylog.org/en/2.3/pages/configuration/graylog_ctl.html#install-custom-ssl-certificates for details.

I guess the external URI you’ve configured is incorrect, so double check that. You also don’t have to provide the port (443) in that URI.


Hi Jochen,

Because I couldn’t get it working I followed the exact steps in the official documentation just in case which includes providing 443 as the port. I did note that the graylog-settings.conf file strips out the port anyway so you are correct that it is not needed.

Am I correct in thinking that it should work with the self signed certificates and I don’t have to installed custom certificates?

I am pretty sure the external URI is correct, I triple checked it to make sure I entered the right IP. I would have also thought that the initial call to /api/ would fail if the URI was incorrect. The calls to /API/ work it is only when calling /api/system/sessions that I get the 404.


I have the same problem with 2.3.2 ami. I did the same steps and got the same error

(Jochen) #5

If you think this is a bug, please file an issue at https://github.com/Graylog2/omnibus-graylog2/issues and include all relevant information (such as your network setup and the graylog-settings.json file; see http://docs.graylog.org/en/2.3/pages/configuration/graylog_ctl.html#advanced-settings).


I think that I have figured this out. I was having the same issue on the Virtual Appliance.
Here is the diff of opt/graylog/conf/nginx/nginx.conf. The left side is after running sudo graylog-ctl enforce-ssl and the right side is after editing the file directly to fix it. The part that was really stumping me was on line 53, where the config that was generated for nginx should not have the /api appended to it.

<         proxy_set_header X-Graylog-Server-URL;
>         proxy_set_header X-Graylog-Server-URL https://$host:443/api;
<         proxy_pass http://localhost:9000;
>         proxy_pass http://localhost:9000/api;

This is the diff of /opt/graylog/conf/graylog.conf. Again, this is showing the left side after running sudo graylog-ctl enforce-ssl and the right side is after editing the file directly to fix it.

< rest_listen_uri =
> rest_listen_uri =
< web_listen_uri =
> web_listen_uri =

Hope this helps someone else, and maybe it can get changed for the VM build? I spent most of the day struggling with this.


(Jochen) #7

I can only quote myself:

(system) #8

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.