Hi Jochen,

sorry for long reply, but server in production and it took some time to 
test yours suggestions. We rebuild configuration files and now it works!

Final configuration of apache2 vhost:

<VirtualHost *:80>
        ServerAdmin [email protected]
        ServerName graylog.site.org
        RewriteEngine On
        RewriteCond %{HTTPS} off
        RewriteRule (.*) https://%{HTTP_HOST}:443%{REQUEST_URI}

        <Proxy *>
                Order deny,allow
                Deny from all
                allow from ****
        </Proxy>


</VirtualHost>

<VirtualHost *:443>
        ServerAdmin [email protected]
        ServerName graylog.site.org
        ProxyRequests off
        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/***.crt
        SSLCertificateChainFile /etc/apache2/ssl/***.pem
        SSLCertificateKeyFile /etc/apache2/ssl/***.key

        <Proxy *>
                Order deny,allow
                Deny from all
                allow from *****
        </Proxy>

        SSLProxyEngine on
        ProxyPreserveHost on

        ProxyPass /api/ https://127.0.0.1:12900/api/
        ProxyPassReverse /api/ https://127.0.0.1:12900/api/

        RequestHeader set X-Graylog-Server-URL 
"https://graylog.site.org/api/";
        ProxyPass / https://127.0.0.1:9000/ nocanon
        ProxyPassReverse  /  https://127.0.0.1:9000/
        ProxyPassReverse / https://graylog.site.org/
        AllowEncodedSlashes NoDecode

</VirtualHost>  

Final configuration of gralyog2:

rest_listen_uri = http://0.0.0.0:12900/api/
rest_transport_uri = http://192.168.0.5:12900/api/
rest_enable_cors = true
rest_enable_gzip = true
rest_enable_tls = true
rest_tls_cert_file = /etc/graylog/server/graylog.pem
rest_tls_key_file = /etc/graylog/server/graylog.p8.pem

web_listen_uri = http://127.0.0.1:9000/
#web_endpoint_uri = https://192.168.0.5:12900/
#web_enable_cors = false
#web_enable_gzip = false
web_enable_tls = true
web_tls_cert_file = /etc/graylog/server/graylog.pem
web_tls_key_file = /etc/graylog/server/graylog.p8.pem


Thanks for help!


вторник, 13 декабря 2016 г., 11:54:10 UTC+2 пользователь Jochen Schalanda 
написал:
>
> Hi,
>
> your rest_listen_uri and rest_transport_uri (both using port 12900) don't 
> match what you've configured in Apache httpd (using port 9000).
>
> Cheers,
> Jochen
>
> On Tuesday, 13 December 2016 10:20:21 UTC+1, Evgeniy Danilenko wrote:
>>
>> UP UP UP
>>
>> четверг, 24 ноября 2016 г., 12:25:01 UTC+2 пользователь Evgeniy Danilenko 
>> написал:
>>>
>>> Hello Jochen,
>>>
>>> i am working with Alexandr and this is a part of our graylog 
>>> configuration file:
>>>
>>> rest_listen_uri = http://0.0.0.0:12900/api/
>>> rest_transport_uri = http://192.168.0.5:12900/api/
>>> rest_enable_cors = true
>>> rest_enable_gzip = true
>>> rest_enable_tls = true
>>> rest_tls_cert_file = /etc/graylog/server/graylog.pem
>>> rest_tls_key_file = /etc/graylog/server/graylog.p8.pem
>>>
>>> web_listen_uri = http://127.0.0.1:9000/
>>> #web_endpoint_uri = https://192.168.0.5:12900/
>>> #web_enable_cors = false
>>> #web_enable_gzip = false
>>> web_enable_tls = true
>>> web_tls_cert_file = /etc/graylog/server/graylog.pem
>>> web_tls_key_file = /etc/graylog/server/graylog.p8.pem
>>>
>>>
>>>
>>> вторник, 8 ноября 2016 г., 12:45:55 UTC+2 пользователь Jochen Schalanda 
>>> написал:
>>>>
>>>> Hi Alexander,
>>>>
>>>> how did you configure Graylog on your machine?
>>>>
>>>> Cheers,
>>>> Jochen
>>>>
>>>> On Tuesday, 8 November 2016 11:03:51 UTC+1, Alexander Gerasymenko wrote:
>>>>>
>>>>>
>>>>>
>>>>> after updating apache 2.4 with https support, we received this message 
>>>>> on graylog web log in. The apache virtual host config file was made using 
>>>>> this sample 
>>>>> http://docs.graylog.org/en/2.1/pages/configuration/web_interface.html#apache-httpd-2-x
>>>>>
>>>>> Here is an apache config
>>>>>
>>>>> <VirtualHost *:80>
>>>>>>         ServerAdmin [email protected]
>>>>>>         ServerName graylog.site.org
>>>>>>     RewriteEngine On
>>>>>>     RewriteCond %{HTTPS} off
>>>>>>     RewriteRule (.*) https://%{HTTP_HOST}:443%{REQUEST_URI}
>>>>>>         
>>>>>>     <Proxy *>
>>>>>>                 Order deny,allow
>>>>>>                 Deny from all
>>>>>>                 allow from 192.168.0.0/24
>>>>>>         </Proxy>
>>>>>>
>>>>>>
>>>>>> </VirtualHost>
>>>>>>
>>>>>> <VirtualHost *:443>
>>>>>>     ServerAdmin [email protected]
>>>>>>     ServerName graylog.site.org
>>>>>>     ProxyRequests Off
>>>>>>     SSLEngine on
>>>>>>     SSLCertificateFile /path/to/ssl.crt
>>>>>>     SSLCertificateChainFile /path/to/ssl.pem
>>>>>>     SSLCertificateKeyFile /path/to/ssl.key
>>>>>>
>>>>>>     <Proxy *>
>>>>>>         Order deny,allow
>>>>>>                 Deny from all
>>>>>>                 allow from 192.168.0.0/24
>>>>>>     </Proxy>
>>>>>>
>>>>>>     <Location />
>>>>>>         RequestHeader set X-Graylog-Server-URL "
>>>>>> https://graylog.site.org/api/";
>>>>>>         ProxyPass http://127.0.0.1:9000/
>>>>>>         ProxyPassReverse http://127.0.0.1:9000/
>>>>>>         </Location>
>>>>>> </VirtualHost>    
>>>>>>
>>>>>
>>>>>     Graylog Version: 2.1.2-1
>>>>>     Elasticsearch Version: 2.1.1
>>>>>     MongoDB Version: 2.6.11
>>>>>     Operating System: Ubuntu 14.04
>>>>>     Browser version: Firefox 49.0.2
>>>>>
>>>>>
>>>>>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/39254924-14e7-4096-a319-96754f717363%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to