On Wed, May 7, 2014 at 4:11 PM, Radu Gheorghe <[email protected]>wrote:
> Hi Barry, > > I remember seeing this error, but I don't remember the context. Do you have > the rsyslog-gnutls package installed? Or did you enable gnutls when > compiling it? > > If yes, can you double-check the validity of your certificate. I see a > strange issue being reported in this thread: > http://kb.monitorware.com/rsyslog-with-tls-does-not-work-for-t12092.html > > If these don't help, can you say more about your OS and GnuTLS versions? > > A debug log may also be useful -- in case that we fail to emit the real error message, we should probably see it there (and get a chance to fix the error message handling). Rainer PS: I am off for LinuxTag Berlin tomorrow morning and will probably be very unresponsive the next couple of days (same as today while doint the prep work ;)). > Best regards, > Radu > > -- > Performance Monitoring * Log Analytics * Search Analytics > Solr & Elasticsearch Support * http://sematext.com/ > > > On Wed, May 7, 2014 at 9:46 AM, Barry Haycock <[email protected] > >wrote: > > > > > > > Hi all, > > > > I was wondering if I could request some assistance. > > > > Currently, I am trying to setup TCP encryption and I get the following > > error on my rsyslog server when the client is trying to send encrypted > TCP > > log events. > > > > <Date> <server>: netsteam session 0x7fae50001740 will be closed due to > > error [try http://www.rsyslog.com/e/2089] > > <Date> <server>: netsteam session 0x7fae50002db0 will be closed due to > > error [try http://www.rsyslog.com/e/2089] > > <Date> <server>: netsteam session 0x7fae500097a0 will be closed due to > > error [try http://www.rsyslog.com/e/2089] > > > > Web research states that there should be an error message preceding this > > error. I don't get any error messages prior to this. > > > > My Server config is > > Rsyslog V7.6.3 (GNUTLS V2.8.5) > > $DefaultNetstreamDriver gtls > > $DefaultNetstreamDriverCAFile <Path to CA PEM> > > $DefaultNetstreamDriverCertFile <Path to Cert> > > $DefaultNetstreamDriverKeyFile <Path to Key> > > > > module(load="imtcp" MaxListeners="2000" StreamDriver.Name="gtls" > > StreamDriver.Mode="1" StreamDriver.AuthMode="X509/name") > > input(type-"imtcp" port="6173" name="tcp-tls") > > > > My client config is > > Rsyslog V5.8.10 (gnuTLSV2.8.5) > > $DefaultNetstreamDriver gtls > > $DefaultNetstreamDriverCAFile <Path to CA PEM> > > $DefaultNetstreamDriverCertFile <Path to Cert> > > $DefaultNetstreamDriverKeyFile <Path to Key> > > $ActionSendStreamDriverAuthMode x509/name > > $ActionSendSteamDriverMode 1 > > > > *.info;mail.none;authpriv.none;cron.none /var/log/messages > > & @@<rsyslog_server>:6173;VLMessagesFwdFmt > > > > The client is the bog standard rsyslog client as delivered on my centos > > test machine while the server (which is the same OS) has been upgraded to > > the V7.6.3 release from the rsyslog website. > > My CA and certificates for testing is one created using openssl. > > > > Any ideas would be appreciated. > > > > -- > > > > Barry > > > > Banpen Fugyou - 10,000 Changes, No surprises > > > > > > > > ---------------------------------------------------------------- > > This message was sent using IMP, the Internet Messaging Program. > > _______________________________________________ > > rsyslog mailing list > > http://lists.adiscon.net/mailman/listinfo/rsyslog > > http://www.rsyslog.com/professional-services/ > > What's up with rsyslog? Follow https://twitter.com/rgerhards > > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > > DON'T LIKE THAT. > > > _______________________________________________ > rsyslog mailing list > http://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > DON'T LIKE THAT. > _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
