Hello,

After we upgraded our rsyslog server to Ubuntu 16.04 (from 14.04), our
clients (still Ubuntu 14.04) can no longer send over logs using RELP.
RELP with no TLS works fine, but if we turn on TLS we get the following error
message on the server: "rsyslogd: imrelp[20514]: authentication error
'certificate validation failed', peer is '' [v8.1903.0 try
https://www.rsyslog.com/e/2353 ]"

After taking a packet capture on the server and manually dumping the client
certificate, it looks fine (openssl can read it). We use subject common name and
not subjectAltName.

Both clients and server use the latest rsyslog version from the PPA (8.1903.0).
Our server config:

input(
    name="imrelpInput"
    type="imrelp"
    port="20514"
    ruleset="XXXXXX"
    tls="on"
    tls.cacert="/etc/ssl/certs/ca-chain-cert.pem"
    tls.mycert="/etc/ssl/certs/server.cert.pem"
    tls.myprivkey="/etc/ssl/private/server.cert.key"
    tls.permittedPeer=["*.clients.DOMAIN"]
    tls.authMode="name"
    tls.compression="off"
    keepalive="on"
    MaxDatasize="512K"
)
Not sure what else to try or look for; our current workaround is to turn off
TLS.
Help or advice would be much appreciated.

Aksel D.
BDO CERT
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog