Graylog 5.14 - TrueNAS Jail and HTTPS / TLS Communication

Andy80 · September 15, 2023, 8:41pm

Hello Community,
i’ve all ready installed (manualy) an Graylog5 Server in a TrueNAS Jail 13.2. It’s reachable and usable as required but without HTTPS / TLS communication trough the web interface. there are a lot of links “how to / useing HTTPS / …” shown by google but no realy solution,if it’s running in a TrueNAS Jail.
My issue is, the Java Keystore is not existing on the host. There are different OpenJDK versions 7 / 11 / 15 installed, and i’ve noi dea how to implement certificates from my internal PKI infrastructure into Graylog to get an HTTPS and secure communication established.

Any idea / experiance how to establish HTTPS / TLS communication to Graylog successfully to use it for Switches, Unifi Controller and Firewalls ?

Thx forward
Andy

xMAXIMUSx · September 15, 2023, 9:02pm

You don’t need HTTPS to get your switches and services sending logs. I really don’t like messing around with the java keystore and all that jazz. I just setup a reverse proxy (nginx or HAproxy) and call it a day.

Andy80 · September 15, 2023, 9:20pm

@xMAXIMUSx
thx for your reply. HJave you ever installed an Apache rev.-proxy for Graylog and perhapse an guidline (topics / guideline) how it works ?

Regards
Andy

Andy80 · September 16, 2023, 6:14pm

Hello to all,
after hard work I got NGINX running as a reverse proxy for Graylog on the same host. thanks to @xMAXIMUSx

Regards
Andy

Andy80 · November 5, 2023, 10:35am

Problem fixed. NGINX rev.-proxy solved the issue and it’s reachable trough standard HTTPS link