Thanks Botond, appreciate your help. Do you *have* to generate the client
SSL key pairs? Is there not one already available on the machine?
Apologies if these are really obvious questions - and I realise a little
outside of NXlog itself, but I'm struggling to get the key working. I've
generated a public and private key pair using OpenSSL
openssl genrsa -aes128 -passout pass:SomePassword -out nxlog_private.pem
2048
openssl rsa -in nxlog_private.pem -passin pass:SomePassword -pubout -out
nxlog_public.pem
placed them in the /cert folder and set the config to
HTTPSCertFile %CERTDIR%/nxlog_public.pem
HTTPSCertKeyFile %CERTDIR%/nxlog_private.pem
HTTPSKeyPass SomePassword
but keep getting
"ERROR SSL error, couldn't read cert, no start line,"
from NXLog. As I understand it that's usually because the files don't
contain the headers... my public.pem file starts with
-----BEGIN PUBLIC KEY-----
and the private one starts with
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,CFB59AFB65500A0CADDE277967C37DF8
am I missing something obvious here? Thanks,
On 12 September 2013 14:01, Botond Botyanszki <[email protected]> wrote:
> Hi,
>
> HTTPSCertFile and HTTPSCertKeyFile are files you need to generate for your
> nxlog client.
> HTTPSCAFile is the CA certificate of the remote peer.
>
> Regards,
> Botond
>
>
> On Thu, 12 Sep 2013 12:00:08 +0100
> James Crowley <[email protected]> wrote:
>
> > I'm probably failing at a very basic level here, but can anyone explain
> how
> > to get the three keys that seem to be needed for om_http to post to a
> > public HTTPS endpoint?
> >
> > https://collectors.sumologic.com/ is the endpoint we're trying to hit. I
> > can extract the key for the main SSL site. And the CA key (though I'm not
> > clear where in the hierarchy this should be).
> >
> > HTTPSCertFile %CERTDIR%/client-cert.pem
> > HTTPSCertKeyFile %CERTDIR%/client-key.pem
> > HTTPSCAFile %CERTDIR%/ca.pem
> >
> >
> > but that still leves the CertKeyFile and to be honest I don't know enough
> > about how HTTPS/SSL handshakes work to figure out how I get these?
> >
> > Many thanks
> >
> > James
>
>
> ------------------------------------------------------------------------------
> How ServiceNow helps IT people transform IT departments:
> 1. Consolidate legacy IT systems to a single system of record for IT
> 2. Standardize and globalize service processes across IT
> 3. Implement zero-touch automation to replace manual, redundant tasks
> http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
> _______________________________________________
> nxlog-ce-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/nxlog-ce-users
>
--
---
James Crowley
CTO, FundApps - a new generation in financial services software -
http://www.fundapps.co/
Founder, developerFusion - the global developer community -
http://www.developerfusion.com/
linkedin: http://linkedin.com/in/jamescrowley
twitter: http://twitter.com/jamescrowley
------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. Consolidate legacy IT systems to a single system of record for IT
2. Standardize and globalize service processes across IT
3. Implement zero-touch automation to replace manual, redundant tasks
http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
_______________________________________________
nxlog-ce-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nxlog-ce-users
