Micah:

First, to test the TLS connection and verify you've got it set up correctly, use 
the "s_client" in openssl to connect to your TLS port. If it is working as 
expected, you should see your certificate on the screen; if not, you'll just 
see "CONNECTED" and not much else. If it isn't working as expected, then 
troubleshoot further.

Looking over my own configurations, I recall that the only way I got it to work 
was to still use the old configuration style, and include the following 
statements:

$DefaultNetstreamDriver gtls

This was even though I had this for imtcp:

module( load="imtcp"
        MaxSessions="1000"
        StreamDriver.Name="gtls"
        StreamDriver.Mode="1"
        StreamDriver.AuthMode="anon")

Try including the $DefaultNetstreamDriver statement and see if that works 
(after you verify with openssl s_client that it isn't).

-Bond

--- you wrote: ---
Hi,

I posted this earlier.  I noted that I had got a weird epoll error with
the 8.2.1 RPM and that I had not received it with the git master branch,
but that messages were still not coming through.

I just refreshed the git tree and switched to v8-stable. No epoll error
but I'm not getting anything through.

I *think* my config is right.

Server:

# Provides TLS-encrypted TCP syslog reception
module(load="imtcp" StreamDriver.name="gtls" MaxSessions="500")
$DefaultNetstreamDriverCAFile /etc/rsyslog.d/ca.pem
$DefaultNetstreamDriverCertFile /etc/rsyslog.d/server.crt
$DefaultNetstreamDriverKeyFile /etc/rsyslog.d/server.key
input(type="imtcp" port="1054")

Client:

$DefaultNetstreamDriver gtls
$DefaultNetstreamDriverCAFile /etc/rsyslog.d/ca.pem
$DefaultNetstreamDriverCertFile /etc/rsyslog.d/client1.crt
$DefaultNetstreamDriverKeyFile /etc/rsyslog.d/client1.crt

action(type="omfwd"
       Target="<IP redacted>"
       Port="1054"
       Protocol="tcp"
       StreamDriverAuthMode="x509/name"
       StreamDriverMode="1"
      )

tcpdump does show packets getting to the server, but of course I can't
tell what's in them.

Anything obviously wrong with the config?

Thanks!

_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
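
The s_client check described in the reply above, as an added example that is not part of the original thread: it runs the handshake against the listener and classifies the output as a verified certificate, an unverified certificate, "CONNECTED" with no certificate, or a failed connection. The function names, the sample outputs and the use of timeout(1) are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread): classify `openssl s_client` output
# for an rsyslog TLS listener. Function names are hypothetical.

# classify_s_client TEXT -> prints tls-verified, tls-unverified,
# no-tls or connect-failed.
classify_s_client() {
    out=$1
    case $out in
        *CONNECTED*) ;;
        *) echo connect-failed; return 0 ;;
    esac
    # A listener that is not speaking TLS leaves only the CONNECTED line.
    case $out in
        *"-----BEGIN CERTIFICATE-----"*) ;;
        *) echo no-tls; return 0 ;;
    esac
    # Certificate presented; check whether it chained to the given CA.
    case $out in
        *"Verify return code: 0 (ok)"*) echo tls-verified ;;
        *) echo tls-unverified ;;
    esac
}

# check_tls_port HOST PORT CAFILE: run the handshake and classify it.
# timeout(1) from coreutils is assumed, because a plaintext listener may
# never answer the ClientHello and s_client would otherwise wait.
check_tls_port() {
    out=$(timeout 10 openssl s_client -connect "$1:$2" -CAfile "$3" \
          </dev/null 2>&1)
    classify_s_client "$out"
}

# Constructed, abbreviated sample outputs for an offline self-check.
SAMPLE_TLS='CONNECTED(00000003)
-----BEGIN CERTIFICATE-----
(constructed placeholder body)
-----END CERTIFICATE-----
    Verify return code: 0 (ok)'
SAMPLE_PLAIN='CONNECTED(00000003)
no peer certificate available'
SAMPLE_REFUSED='connect: Connection refused'

# Usage: sh check_tls.sh HOST PORT CAFILE
if [ "$#" -eq 3 ]; then
    check_tls_port "$@"
fi
```

A result of tls-unverified means the server did present a certificate but it did not validate against the CA file passed in, which points at the CA or certificate files rather than at the stream driver setting.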