Mar 11 17:26:01 testVM rsyslogd[6693]: error reading certificate file
'/root/rsyslog-server/ca.pem' - a common cause is that the file does not exist
[v8.24.0-57.el7_9 try http://www.rsyslog.com/e/2078 ]
As you can see, the rsyslog daemon cannot - for some reason - read the file.
Fistly - the obvious question - are you sure you didn't do a typo or
something? (have you checked copy-pasting paths from config file and
reading the files?)
Secondly - CentOS7 by default ships with SELinux enabled. So even though
rsyslogd by default runs as root in CentOS7, it won't be able to access
the files because selinux context mismatch.
This location is bad, anyway. You shouldn't put configuration elements
in root's home directory. It's what /etc is for.
I want to create a pair of certificates for all my machines (not separately for
each machine).
These machines may have completely different domain names but I want all of
them to send their logs with the same certificate (for convenience) to a
central rsyslog machine.
Bad idea. If you're going for encryption, do it properly.
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
