Did you have your own jks ? Means a keystore for you self signed certificates? if yes check if that contains enough/the certificate to check let’s encrypt certificates that we are using for the API.
Hi , thx for your quick reply, no we don’t use jks, i configure a nginx in front with proxy ssl (hosted on the same server) the cert in use is approved by our ca ompany.
regards
For informations i tried to disabled directives in server.conf and directly put proxy and port options in graylog jbm options as -Dhttp.proxyHost=myproxy…
I can see with ps jvm contains the right options but i didn’t see any traffic from my interface with tcpdump ^^ ? i can see trafic to proxy when i test api.graylog.com with curl but none when restarting jvm is it normal ?
regards
Yes there is no problem with curl and proxy envvar from shell. I tried /releases/active url with https and was able to retrieve informations
{“version”:{“major”:3,“minor”:2,“patch”:2},“suffix”:"",“codename”:“Ethereal Elk”,“released_at”:“2020-02-20T00:00:00.000Z”,“announcement_link”:“https://www.graylog.org/post/announcing-graylog-3-2-2","published”:true}
Hi, i’m really sad i have reinstall graylog…and everything fine except reporting license to graylog behind proxy.
2020-03-10T14:39:22.817+01:00 WARN [LicenseChecker] License violation - Failed to report license status to Graylog, Inc. - consecutive failures: 168, limit: 72
so…what could i do…
here 's my proxy config #---------
http_proxy_uri = myproxy:8080 #have to add graylog server ip in non proxy hosts to avoid errors in logfile
http_non_proxy_hosts = my_graylog_ip #---------
proxy env http_proxy and $https_proxy are fines and i could reach api.graylog.com but i could’nt find any trace with tcpdump when i restart graylog-server service …^^
could someone explain me why command above receive nothing even multiple restart of graylog ?
i have reinstall graylog…and everything fine except reporting license to graylog behind proxy.