Are you sure the Cisco is supporting TLS, not just doing plaintext over TCP?

If the client has a cert to offer, we still want to gather the data from it, even if we don't require validation.

David Lang

On Mon, 2 May 2016, Wingard, Nathaniel wrote:

Date: Mon, 2 May 2016 17:35:20 +0000
From: "Wingard, Nathaniel" <[email protected]>
Reply-To: rsyslog-users <[email protected]>
To: "[email protected]" <[email protected]>
Subject: Re: [rsyslog] TLS Anon Patch

Apparently I can't use my own email client...


I am using Rsyslog 8.18.0 and have several Cisco ASAs sending logs via TCP TLS.
One of the recent patches to the Cisco IOS tends to cause the syslog connection 
to break when the ASA receives a Client Certificate Request as part of the TLS 
handshake.

I am running rsyslog with the StreamDriver.AuthMode="anon" config. As such I do not 
require the client certificate for anything. I have attached a patch that I hope will be accepted 
into the mainline that disables the client certificate request when in TLS "anon" mode.

I don't see any side effects to this change, but my testing has been limited to 
"Works for Me" as I don't have a very good testbench.

Thanks,
Nathaniel


From: Wingard, Nathaniel
Sent: Monday, May 02, 2016 1:31 PM
To: '[email protected]'
Subject: TLS Anon Patch

I am using Rsyslog 8.18.0 and have several Cisco ASAs sending logs via TCP TLS.
One of the recent patches to the Cisco IOS tends to cause the syslog connection 
to break when the ASA receives a Client Certificate Request as part of the TLS 
handshake.

I am running rsyslog with the following congi