[rsyslog] TLS Certificate problem

[Muhammad Asif]

Hi Rsyslog Family,

I have spent about two weeks on configuring RELP on TLS  in rsyslog. In
start I tried on Centos 6.5  but due to old GnuTLS, I could not do this so
I installed Ubuntu 14.4 on server and client and follow the tutorial but
now i am stuck in another problem. Please guide me where i am wrong.

Server

Dec  7 14:20:59 server rsyslogd: [origin software="rsyslogd"
swVersion="8.6.0" x-pid="2966" x-info="http://www.rsyslog.com";] start
Dec  7 14:20:59 server rsyslogd: rsyslogd's groupid changed to 104
Dec  7 14:20:59 server rsyslogd: rsyslogd's userid changed to 101
Dec  7 14:20:59 server rsyslogd-2077: Could not create tcp listener,
ignoring port 514. [try http://www.rsyslog.com/e/2077 ]
Dec  7 14:20:59 server rsyslogd-2353: imrelp[10514]: error 'error while
binding relp tcp socket on port '10514'', object  'lstn 10514' - input may
not work as intended [try http://www.rsyslog.com/e/2353 ]
Dec  7 14:20:59 server rsyslogd-2353: imrelp[10514]: error 'error while
binding relp tcp socket on port '10514'', object  'lstn 10514' - input may
not work as intended [try http://www.rsyslog.com/e/2353 ]
Dec  7 14:20:59 server rsyslogd-2291: imrelp: could not activate relp
listner, code 10005 [try http://www.rsyslog.com/e/2291 ]
Dec  7 14:20:59 server rsyslogd: rsyslogd's groupid changed to 104
Dec  7 14:20:59 server rsyslogd: rsyslogd's userid changed to 101
Dec  7 14:21:08 server rsyslogd-2353: imrelp[10514]: error 'TLS handshake
failed [gnutls error -9: A TLS packet with unexpected length was
received.]', object  'lstn 10514: conn to clt 192.168.1.211/192.168.1.211'
- input may not work as intended [try http://www.rsyslog.com/e/2353 ]



Client

Dec  7 14:21:08 client rsyslogd-2007: action 'action 12' suspended, next
retry is Sun Dec  7 14:21:38 2014 [try http://www.rsyslog.com/e/2007 ]
Dec  7 14:21:08 client rsyslogd-2353: omrelp[192.168.1.210:10514]: error
'Failed to set certificate trust file [gnutls error -64: Error while
reading file.]', object  'conn to srvr 192.168.1.210:10514' - action may
not work as intended [try http://www.rsyslog.com/e/2353 ]
Dec  7 14:21:08 client rsyslogd-2353: omrelp[192.168.1.210:10514]: error
'Failed to set certificate trust file [gnutls error -64: Error while
reading file.]', object  'conn to srvr 192.168.1.210:10514' - action may
not work as intended [try http://www.rsyslog.com/e/2353 ]
Dec  7 14:21:08 client rsyslogd-2007: action 'action 12' suspended, next
retry is Sun Dec  7 14:21:38 2014 [try http://www.rsyslog.com/e/2007 ]
Dec  7 14:21:08 client rsyslogd: rsyslogd's groupid changed to 104
Dec  7 14:21:08 client rsyslogd: rsyslogd's userid changed to 101
Dec  7 14:21:08 client rsyslogd-2077: Could not create tcp listener,
ignoring port 514. [try http://www.rsyslog.com/e/2077 ]
Dec  7 14:21:08 client rsyslogd: rsyslogd's groupid changed to 104
Dec  7 14:21:08 client rsyslogd: rsyslogd's userid changed to 101
Dec  7 14:22:09 client rsyslogd-2353: omrelp[192.168.1.210:10514]: error
'Failed to set certificate trust file [gnutls error -64: Error while
reading file.]', object  'conn to srvr 192.168.1.210:10514' - action may
not work as intended [try http://www.rsyslog.com/e/2353 ]



Regards
M. Asif
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of 
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE 
THAT.