WARN when i actif a https with sectigo wildcard

Graylog Central (peer support)
1

Hello,

When i activate https with a wildcard certificate of Sectigo, i have this warning repeatedly in my log :

WARN [ProxiedResource] Unable to call https://XX.XX.XX.XX:9000/api/system/metrics/multiple on node : sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

SRV 1 : Graylog 3.1.4 with MongoDb 4.2.2
SRv 2 : Elasticsearch

when i test a curl on srv1 with curl -i ‘http://XX.XX.XX.XX:9000/api/?pretty=true
curl: (52) Empty reply from server

But graylog webi is accessible.

2

Check if you included also intermediate certificate not only wildcard certifikate.

3

in addition - it might be that your JVM is not able to identify/validate the certificate. Depending on your OS you might need the CA certificate added to the JVM. But that is just an idea.

4

thanks, i added the intermediate certificate and that solved my problem.
And i changed this line : http_bind_address=FQDN:9000

5

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.