I imported the key with keytool but still continues to be broken. On Saturday, June 4, 2016 at 9:06:46 AM UTC-4, John Babio wrote: > > So once it does finally connect I get (class > javax.net.ssl.SSLPeerUnverifiedException) caught exception: Hostname > x.x.x.x not verified: > certificate: sha256/ > Then i cannot start the input to collect syslog. > > > > On Tuesday, May 31, 2016 at 6:28:33 PM UTC-4, John Babio wrote: >> >> *i followed this in the documentation* >> Creating a self-signed private key/certificate >> >> Create PKCS#5 and X.509 certificate: >> >> $ openssl version >> OpenSSL 0.9.8zh 14 Jan 2016 >> $ openssl req -x509 -days 365 -nodes -newkey rsa:2048 -keyout >> pkcs5-plain.pem -out cert.pem >> Generating a 2048 bit RSA private key >> ............................+++ >> .+++ >> writing new private key to 'pkcs5-plain.pem' >> ----- >> [...] >> If you enter '.', the field will be left blank. >> ----- >> Country Name (2 letter code) [AU]:DE >> State or Province Name (full name) [Some-State]:Hamburg >> Locality Name (eg, city) []:Hamburg >> Organization Name (eg, company) [Internet Widgits Pty Ltd]:Graylog, Inc. >> Organizational Unit Name (eg, section) []: >> Common Name (e.g. server FQDN or YOUR name) []:graylog.example.com >> Email Address []:[email protected] >> >> Convert PKCS#5 private key into a *plaintext* PKCS#8 private key: >> >> $ openssl pkcs8 -in pkcs5-plain.pem -topk8 -nocrypt -out pkcs8-plain.pem >> *then i added my certs in like explained here.* >> >> # Enable HTTPS support for the REST API. This secures the communication with >> the REST API# using TLS to prevent request forgery and >> eavesdropping.rest_enable_tls = true >> # The X.509 certificate chain file in PEM format to use for securing the >> REST API.rest_tls_cert_file = /path/to/graylog-certificate.pem >> # The PKCS#8 private key file in PEM format to use for securing the REST >> API.rest_tls_key_file = /path/to/graylog-key.pem >> # The password to unlock the private key used for securing the REST >> API.rest_tls_key_password = secret >> # Enable HTTPS support for the web interface. This secures the communication >> the web interface# using TLS to prevent request forgery and >> eavesdropping.web_enable_tls = true >> # The X.509 certificate chain file in PEM format to use for securing the web >> interface.web_tls_cert_file = /path/to/graylog-certificate.pem >> # The PKCS#8 private key file in PEM format to use for securing the web >> interface.web_tls_key_file = /path/to/graylog-key.pem >> # The password to unlock the private key used for securing the web >> interface.web_tls_key_password = secret >> >> When I restart the service everything seems to start ok but when I connect >> to the web interface I receive and error connecting to <1.1.1.1:12900> >> >> the rest api is accessible because if I turn web_tls and rest_tls back off i >> can reach everything. >> >> >>
-- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/86ffe5ae-6e8e-4b3e-b487-ac7fa0dc4380%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
