Show the final config you are trying to run. It could be related to $DefaultNetstreamDriver* options which should be mentioned only once. https://www.rsyslog.com/doc/v8-stable/rainerscript/global.html?highlight=defaultnetstreamdriver
In case it is needed, you can copy systemd rsyslog.service file and create new for second instance (both running different certs). http://rsyslog-users.1305293.n2.nabble.com/Mix-of-GTLS-and-PTCP-listeners-running-same-instance-td7591434.html#a7591445 Peter On Thu, Oct 25, 2018 at 11:22 PM Rory Toma via rsyslog <[email protected]> wrote: > > I have two separate files that work just fine. I have not been able to > successfully combine them. No matter what I try, I keep getting tls > errors, because one or the other is using wrong certs. Can anyone help here? > > file1: > $DefaultNetstreamDriver gtls > > # certificate files > $DefaultNetstreamDriverCAFile /opt/rsyslog/certs/ca.pem > $DefaultNetstreamDriverCertFile /opt/rsyslog/certs/cert.pem > $DefaultNetstreamDriverKeyFile /opt/rsyslog/certs/key.pem > > $MaxOpenFiles 100000 > > module(load="imtcp" MaxSessions="65534" StreamDriver.Mode="1" > StreamDriver.AuthMode="anon") # load TCP listener > > $WorkDirectory /export/rsyslog > $ActionQueueType LinkedList > $ActionQueueFileName srvrfwd > $ActionResumeRetryCount -1 > $ActionQueueSaveOnShutdown on > > ruleset(name="remote"){ > *.* @@10.66.13.148:8514 > } > > $InputTCPServerBindRuleset remote > $InputTCPServerRun 110 > > > file2: > $DefaultNetstreamDriver gtls > $DefaultNetStreamDriverCAFile /opt/rsyslog/certs/relp/ca.pem > $DefaultNetStreamDriverCertFile /opt/rsyslog/certs/relp/cert.pem > $DefaultNetStreamDriverKeyFile /opt/rsyslog/certs/relp/key.pem > > $WorkDirectory /export/rsyslog > $ActionQueueType LinkedList > $ActionQueueFileName srvrfws > $ActionResumeRetryCount -1 > $ActionQueueSaveOnShutdown on > > module(load="imrelp" ruleset="relp") > > input(type="imrelp" port="114" tls="on" tls.compression="on" > tls.authmode="fingerprint" ) > > ruleset(name="relp") { > *.* @@10.66.13.148:8514 > } > _______________________________________________ > rsyslog mailing list > http://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of > sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T > LIKE THAT. _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
