> -----Original Message-----
> From: [email protected] [mailto:rsyslog-
> [email protected]] On Behalf Of Carlos Fdez
> Sent: Thursday, April 11, 2013 9:44 AM
> To: [email protected]
> Subject: [rsyslog] Fwd: Receiving logs via TCP/TLS and forwarding to another
> rsyslog via TCP/TLS
> 
> Hi,
> 
> I'm trying to forward secure logs from a server that also receives, but that's
> the debug I get:
> 
> 1348.976447385:7f4f3acbd700: unexpected GnuTLS error -207 in
> nsd_gtls.c:202: Base64 unexpected header error.
This usually means there is some problem with your certificate files. 
Unfortunately, GnuTLS is not more specific in its error messages.

Rainer
> 1348.976470887:7f4f3acbd700: TCPSendInit FAILED with -2078.
> 1348.976497727:7f4f3acbd700: file netstrms.c released module 'lmnsd_gtls',
> reference count now 0
> 1348.976501630:7f4f3acbd700: module 'lmnsd_gtls' has zero reference count,
> unloading...
> 1348.976504192:7f4f3acbd700: Unloading module lmnsd_gtls
> 
> This is the client/server config:
> 
> ########################################
> 
> $ModLoad imuxsock
> $ModLoad imklog
> $ModLoad immark
> $ModLoad imtcp
> $ModLoad imudp
> 
> #### GLOBAL DIRECTIVES ####
> 
> # Connection via TLS
> $DefaultNetstreamDriverCAFile /etc/pki/CA/certs/rootCA.crt
> $DefaultNetstreamDriverCertFile /etc/pki/rsyslog/cert.pem
> $DefaultNetstreamDriverKeyFile /etc/pki/rsyslog/cert.pem
> $DefaultNetstreamDriver gtls
> $ActionSendStreamDriverMode 1
> $ActionSendStreamDriverAuthMode x509/name
> $InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode
> $InputTCPServerStreamDriverAuthMode anon # client is NOT authenticated
> $InputTCPServerRun 64785 # start up listener at port 64785
> 
> 
> * /logs/log
> 
> # Secure TLS
> $WorkDirectory /logs/spool
> $ActionQueueFileName Secure
> $ActionQueueMaxDiskSpace 1g
> $ActionQueueSaveOnShutdown on
> $ActionQueueType LinkedList
> $ActionResumeRetryCount -1
> authpriv.*;auth.*;local5.* @@(o)server.domain.tld:10514
> 
> ##########################################
> 
> And this is the server config (server.domain.tld):
> 
> ##########################################
> 
> #### MODULES ####
> 
> $ModLoad imuxsock
> $ModLoad imklog
> $ModLoad immark
> $ModLoad imtcp
> $ModLoad imudp
> 
> #### GLOBAL DIRECTIVES ####
> 
> # Connection via TLS/TCP
> $DefaultNetstreamDriverCAFile /etc/pki/CA/certs/rootCA.crt
> $DefaultNetstreamDriverCertFile /etc/pki/rsyslog/cert.pem
> $DefaultNetstreamDriverKeyFile /etc/pki/rsyslog/cert.pem
> $DefaultNetstreamDriver gtls
> $InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode
> $InputTCPServerStreamDriverAuthMode anon # client is NOT authenticated
> $InputTCPServerRun 10514 # start up listener at port 10514
> 
> *   /logs/log
> $IncludeConfig /etc/rsyslog.d/*.conf
> 
> ##########################################
> 
> If I remove the client/server certificate, leaving only the CA, the forwarding
> of local messages works, with the certificate the client/server receives, but
> do not send.
> 
> Anybody knows about it?
> 
> Thank you very much!
> 
> 
> Regards,
> 
> Carlos Fernández Manteiga <[email protected]>
> _______________________________________________
> rsyslog mailing list
> http://lists.adiscon.net/mailman/listinfo/rsyslog
> http://www.rsyslog.com/professional-services/
> What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL:
> This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond
> our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
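Since the GnuTLS message does not say which file it rejected, here is an added example (not from the thread or the rsyslog project) of a strict pre-flight check: it reads the three `$DefaultNetstreamDriver*File` directives from a legacy-format config and reports which PEM block types each referenced file contains. The function names and the accepted label lists are assumptions of this example; a file that serves as both certificate and key file, as `cert.pem` does in the configs above, passes only if it holds both block types.

```shell
#!/bin/sh
# Added example: check the PEM files named in a legacy-format rsyslog config.

# Print the label of every "-----BEGIN <label>-----" line in a file.
pem_labels() {
    sed -n 's/^-----BEGIN \(.*\)-----[[:space:]]*$/\1/p' "$1"
}

# check_pem FILE KIND (KIND = cert | key): 0 if FILE has a PEM block of that kind.
check_pem() {
    file=$1 kind=$2
    case $kind in
        cert) want='^(X509 )?CERTIFICATE$' ;;   # assumed list of certificate labels
        key)  want='^((RSA|DSA|EC|ENCRYPTED) )?PRIVATE KEY$' ;;  # assumed key labels
        *)    echo "usage: check_pem FILE cert|key"; return 2 ;;
    esac
    [ -r "$file" ] || { echo "FAIL $file: not readable"; return 1; }
    labels=$(pem_labels "$file")
    [ -n "$labels" ] || { echo "FAIL $file: no PEM BEGIN line (DER, empty or damaged?)"; return 1; }
    found=$(printf '%s' "$labels" | tr '\n' ',')
    if printf '%s\n' "$labels" | grep -Eq "$want"; then
        echo "OK   $file ($kind): $found"
    else
        echo "FAIL $file: expected a $kind block, found: $found"; return 1
    fi
}

# check_rsyslog_tls CONF: run check_pem on every file the TLS directives name.
check_rsyslog_tls() {
    rc=0
    while read -r directive path rest || [ -n "$directive" ]; do
        case $directive in
            '$DefaultNetstreamDriverCAFile'|'$DefaultNetstreamDriverCertFile')
                check_pem "$path" cert || rc=1 ;;
            '$DefaultNetstreamDriverKeyFile')
                check_pem "$path" key || rc=1 ;;
        esac
    done < "$1"
    return "$rc"
}

# Stand-alone use: sh check_tls_files.sh /etc/rsyslog.conf
if [ "$#" -gt 0 ]; then check_rsyslog_tls "$1"; fi
```

A pass here only shows that the expected PEM headers are present; it does not validate the certificate chain or that the key matches the certificate.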