Thanks for the response. Kind of gets weirder.  First, I added the line
as you suggested to the server config; no difference.  I tried s_client
and I *do* get some stuff through to the server log, but it is
gibberish.  Still nothing from rsyslog client itself.  s_client does
show just CONNECT with nothing else, even when I specify the client
cert/key that is given to rsyslog.  Both that and the server cert were
generated from the same CA, though I wonder if I messed something up
somewhere with that.

On 6/27/14, 10:39 AM, Masuda, Bond wrote:
> Micah:
> 
> First, to test TLS connection and verify you've got it set up correctly, use 
> the "s_client" in openssl to connect to your TLS port. If it is working as 
> expected, you should see your certificate on the screen; if not, you'll just 
> see "CONNECTED" and not much else. If it isn't working as expected, then 
> troubleshoot further.
> 
> Looking over my own configurations, I recall that the only way I got it to 
> work was to still use the old configuration style, and include the following 
> statements:
> 
> $DefaultNetstreamDriver gtls
> 
> This was even though I had this for imtcp:
> 
> module( load="imtcp"
>         MaxSessions="1000"
>         StreamDriver.Name="gtls"
>         StreamDriver.Mode="1"
>         StreamDriver.AuthMode="anon")
> 
> Try including the $DefaultNetstreamDriver statement and see if that works 
> (after you verify with openssl s_client that it isn't).
> 
> -Bond
> 
> --- you wrote: ---
> Hi,
> 
> I posted this earlier.  I noted that I had got a weird epoll error with
> the 8.2.1 RPM and that I had not received it with the git master branch,
> but that messages were still not coming through.
> 
> I just refreshed the git tree and switched to v8-stable. No epoll error
> but I'm not getting anything through.
> 
> I *think* my config is right.
> 
> Server:
> 
> # Provides TLS-encrypted TCP syslog reception
> module(load="imtcp" StreamDriver.name="gtls" MaxSessions="500")
> $DefaultNetstreamDriverCAFile /etc/rsyslog.d/ca.pem
> $DefaultNetstreamDriverCertFile /etc/rsyslog.d/server.crt
> $DefaultNetstreamDriverKeyFile /etc/rsyslog.d/server.key
> input(type="imtcp" port="1054")
> 
> Client:
> 
> $DefaultNetstreamDriver gtls
> $DefaultNetstreamDriverCAFile /etc/rsyslog.d/ca.pem
> $DefaultNetstreamDriverCertFile /etc/rsyslog.d/client1.crt
> $DefaultNetstreamDriverKeyFile /etc/rsyslog.d/client1.crt
> 
> action(type="omfwd"
>        Target="<IP redacted>"
>        Port="1054"
>        Protocol="tcp"
>        StreamDriverAuthMode="x509/name"
>        StreamDriverMode="1"
>       )
> 
> tcpdump does show packets getting to the server, but of course I can't
> tell what's in them.
> 
> Anything obviously wrong with the config?
> 
> Thanks!
> 
> _______________________________________________
> rsyslog mailing list
> http://lists.adiscon.net/mailman/listinfo/rsyslog
> http://www.rsyslog.com/professional-services/
> What's up with rsyslog? Follow https://twitter.com/rgerhards
> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of 
> sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T 
> LIKE THAT.
> 
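
An added example, not part of the original posts or of rsyslog itself: a small linter run over the server and client fragments quoted above (embedded as constructed input). It reports two settings worth checking in a gtls setup: a listener or forwarder left in driver mode 0, which is plain TCP, and a key file path identical to the certificate path. The finding labels and function names are hypothetical.

```python
import re

# Constructed input: the server and client fragments quoted in this thread.
SERVER_CONF = '''# Provides TLS-encrypted TCP syslog reception
module(load="imtcp" StreamDriver.name="gtls" MaxSessions="500")
$DefaultNetstreamDriverCAFile /etc/rsyslog.d/ca.pem
$DefaultNetstreamDriverCertFile /etc/rsyslog.d/server.crt
$DefaultNetstreamDriverKeyFile /etc/rsyslog.d/server.key
input(type="imtcp" port="1054")
'''
CLIENT_CONF = '''$DefaultNetstreamDriver gtls
$DefaultNetstreamDriverCAFile /etc/rsyslog.d/ca.pem
$DefaultNetstreamDriverCertFile /etc/rsyslog.d/client1.crt
$DefaultNetstreamDriverKeyFile /etc/rsyslog.d/client1.crt
action(type="omfwd" Target="<IP redacted>" Port="1054" Protocol="tcp"
       StreamDriverAuthMode="x509/name" StreamDriverMode="1")
'''

LEGACY = re.compile(r'^\$(\w+)\s+(\S+)', re.M)            # $Directive value
OBJECT = re.compile(r'\b(module|input|action)\s*\((.*?)\)', re.S)
PARAM = re.compile(r'([\w.]+)\s*=\s*"([^"]*)"')          # name="value"

def parse(conf):
    """Return (legacy directives, [(object kind, params)]), names lower-cased."""
    conf = re.sub(r'(?m)^\s*#.*$', '', conf)              # drop comment lines
    legacy = {k.lower(): v for k, v in LEGACY.findall(conf)}
    objects = [(kind, {k.lower(): v for k, v in PARAM.findall(body)})
               for kind, body in OBJECT.findall(conf)]
    return legacy, objects

def lint_tls(conf):
    """Return finding labels (hypothetical names) for TLS settings worth checking."""
    legacy, objects = parse(conf)
    findings = []
    cert = legacy.get("defaultnetstreamdrivercertfile")
    key = legacy.get("defaultnetstreamdriverkeyfile")
    if cert and key and cert == key:
        findings.append("key-path-equals-cert-path")
    for kind, p in objects:
        # Driver mode 0 is the default and means plain TCP; 1 means TLS-only.
        if kind == "module" and p.get("load") == "imtcp":
            mode = p.get("streamdriver.mode") or legacy.get("inputtcpserverstreamdrivermode", "0")
            if mode != "1":
                findings.append("imtcp-listener-not-in-tls-mode")
        if kind == "action" and p.get("type") == "omfwd":
            mode = p.get("streamdrivermode") or legacy.get("actionsendstreamdrivermode", "0")
            if mode != "1":
                findings.append("omfwd-not-in-tls-mode")
    return findings
```

Calling `lint_tls(SERVER_CONF)` and `lint_tls(CLIENT_CONF)` returns the list of labels for each fragment; an empty list means neither check fired.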
