Hello,
I followed the "step by step" documentation in order to get Wazuh up and running in my local network. I did choose to use my local DNS wherever it was possible during the installation instead of the IP address. I was able to download the root.ca file and import it into my browser.
The problem is that when I navigate to https + IP address, the certificate error persists.
I'm trying to set up a reverse NGINX proxy to redirect everything to the DNS and make it safer, but I'm not succeeding.

    server {
        listen 80;
        server_name srv-siem-01.mylocaldomain.com;
        return 301 https://$host$request_uri;
    }

    server {
        listen 443 ssl;
        server_name srv-siem-01.mylocaldomain.com;
        ssl_certificate /etc/wazuh-dashboard/certs/dashboard.pem;
        ssl_certificate_key /etc/wazuh-dashboard/certs/dashboard-key.pem;

        location / {
            proxy_pass https://192.168.1.5:5601;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }
    }

After restarting nginx, I'm getting the following error and I know it is because the port 443 is already being used by wazuh-dashboard.
If I stop wazuh-dashboard and restart nginx, nginx shows only a "bad gateway" error.
I also tried to change the SSL port in /etc/nginx/sites-available/srv-siem-01.mylocaldomain.com, from 443 to 4443 for example, but it did not help.
My question is: how can I make the reverse proxy work so that both DNS and https+IP are trusted by my browser? Is it possible?
This Wazuh installation is not directly exposed to the Internet, so it was not possible to use a Let's Encrypt certificate. Also, there are no firewall rules running because ufw and iptables are disabled on the server.
I spent hours digging through posts with this type of error here in the community, but nothing worked and I'm running out of ideas...
I'll be grateful if anyone can share some advice.
Regards,
Jefferson
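
Added example, not part of the original post: a shell check of whether a certificate's subjectAltName covers both the DNS name and the IP address, which is what a browser compares against the host in the URL. The helper names `cert_covers`, `make_demo_cert` and `report` and the throwaway demo certificates are assumptions constructed for illustration; OpenSSL 1.1.1 or later is assumed for `-addext`.

```shell
#!/bin/sh
# Added example: does a certificate cover a given DNS name or IPv4 address?
# Browsers match the URL host against subjectAltName (SAN) entries, and an IP
# in the URL only matches an "IP:" SAN, never a "DNS:" one.

# cert_covers <cert.pem> <dns-name|ipv4>  -> exit 0 if covered, 1 if not
cert_covers() {
    case $2 in
        *[!0-9.]*) flag=-checkhost ;;  # anything but digits/dots: DNS name
        *)         flag=-checkip ;;    # digits and dots only: IPv4 literal
    esac
    # Match on the printed verdict rather than relying on the exit status.
    openssl x509 -in "$1" -noout "$flag" "$2" 2>/dev/null |
        grep -q 'does match certificate'
}

# make_demo_cert <out.pem> <san-list>: throwaway self-signed cert
# (constructed sample input, needs OpenSSL 1.1.1+ for -addext).
make_demo_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=demo" \
        -addext "subjectAltName=$2" -keyout "$1.key" -out "$1" 2>/dev/null
}

# report <cert.pem> <name>...: one verdict line per name
report() {
    cert=$1; shift
    for n in "$@"; do
        if cert_covers "$cert" "$n"; then echo "$n: covered"
        else echo "$n: NOT covered"; fi
    done
}

# Demo with the host name and address from the post, on constructed certs.
tmp=$(mktemp -d)
make_demo_cert "$tmp/dns-only.pem" "DNS:srv-siem-01.mylocaldomain.com"
make_demo_cert "$tmp/dns-ip.pem" "DNS:srv-siem-01.mylocaldomain.com,IP:192.168.1.5"
report "$tmp/dns-only.pem" srv-siem-01.mylocaldomain.com 192.168.1.5
report "$tmp/dns-ip.pem"   srv-siem-01.mylocaldomain.com 192.168.1.5
rm -rf "$tmp"
```

Against the files named in the post, the call would be `cert_covers /etc/wazuh-dashboard/certs/dashboard.pem 192.168.1.5`.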