FYI: I have also improved the error message, so that it now more precisely tells what is going on.
Rainer 2014-11-21 9:36 GMT+01:00 Rainer Gerhards <[email protected]>: > 2014-11-21 6:55 GMT+01:00 Muhammad Asif <[email protected]>: > >> Hi Geeks, >> >> I have installed rsyslog 8.4 and rsyslog-relp in Centos 6.5. I want to use >> TLS on RELP between remote server and client machine. Here is my >> configuration. >> >> module(load="imuxsock") >> module(load="imrelp" ruleset="relp") >> >> input(type="imrelp" port="10514" tls="on" >> tls.caCert="/etc/rsyslog.d/cert/cacert.pem" >> tls.myCert="/etc/rsyslog.d/cert/bloggercert.pem" >> tls.myPrivKey="/etc/rsyslog.d/cert/bloggerkey.pem" >> tls.authMode="name" >> tls.permittedpeer=["172.20.16.22","172.20.16.25"] >> ) >> ruleset (name="relp") { >> action(type="omfile" file="/var/log/relp_log") >> } >> >> When I restart the service, i receive log in message file as >> Nov 21 10:48:32 blogger rsyslogd-2291: imrelp: could not activate relp >> listner, code 10046 [try http://www.rsyslog.com/e/2291 ] >> >> > I have just checked the code. It means that the platform does not provide > TLS auth support. In general, this means that GnuTLS is too old. I remember > this is the case for Centos 6.5. You should be able to use TLS in anonymous > mode. While this does not guard against man-in-the-middle attacks, it at > least keeps message flow encrypted. > > The alternate solution is to install a current version of GnuTLS on that > system and rebuild librelp from source. > > Rainer > > >> What problem can be. Please guide me in this regard. >> _______________________________________________ >> rsyslog mailing list >> http://lists.adiscon.net/mailman/listinfo/rsyslog >> http://www.rsyslog.com/professional-services/ >> What's up with rsyslog? Follow https://twitter.com/rgerhards >> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad >> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you >> DON'T LIKE THAT. >> > > _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
