On Mon, Feb 23, 2009 at 08:49, Martin Mielke <[email protected]> wrote: > What if I create at least 2 rsyslog servers and put them behind a > load-balancer (on only the virtual IP would be known to the clients)? > how to proceed with the TLS certificates for both server and clients?
Although it depends on how you configure your load balancer, it should generally be the same method as a TCP-balanced HTTPS cluster: all server members get the same cert issued for the balanced IP. You'll need to make sure that all packets for a given client session are directed to the same server. Client certs shouldn't be any different than normal. If you plan on using anything other than the client's cert (source IP, hostname, etc.) for identification, filtering, or otherwise, you'll need to route the connections through the LB as opposed to proxying them. _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com
