8.24 is a very old version at this point, and there has been a lot of work in
this area in the last year. you are probably actually running the redhat fork of
8.24 with some backports added.
please either contact RedHat for support of your forked version up update to a
current (8.21xx) version that the community can support.
David Lang
On Thu, 10 Jun 2021, Rajiv kumar via rsyslog
wrote:
Date: Thu, 10 Jun 2021 16:30:49 +0530
From: Rajiv kumar via rsyslog <[email protected]>
To: [email protected]
Cc: Rajiv kumar <[email protected]>
Subject: [rsyslog] rsyslog showing error
"gnutls returned error on handshake: Could not negotiate a supported ciphe
r suite. [v8.24.0 try http://www.rsyslog.com/e/2083 ]" for DHE-RSA cipher
suites
Hi Team,
I am using rsyslog to capture syslog messages, for some DHE ciphers I am
getting error "gnutls returned error on handshake: Could not negotiate a
supported cipher suite. [v8.24.0 try http://www.rsyslog.com/e/2083 ]"
*Ciphers for which rsyslog is working*
rsa-with-aes-128-cbc-sha
rsa-with-aes-128-cbc-sha256
rsa-with-aes-128-gcm-sha256
rsa-with-aes-256-cbc-sha
rsa-with-aes-256-cbc-sha256
rsa-with-aes-256-gcm-sha384
*Ciphers for which rsyslog showing error* "gnutls returned error on
handshake: Could not negotiate a supported cipher suite. [v8.24.0 try
http://www.rsyslog.com/e/2083 ]"
dhe-rsa-with-aes-128-cbc-sha
dhe-rsa-with-aes-128-cbc-sha256
dhe-rsa-with-aes-128-gcm-sha256
dhe-rsa-with-aes-256-cbc-sha
dhe-rsa-with-aes-256-cbc-sha256
*Rsyslog version*
rsyslogd -v
rsyslogd 8.24.0, compiled with:
PLATFORM: x86_64-redhat-linux-gnu
PLATFORM (lsb_release -d):
FEATURE_REGEXP: Yes
GSSAPI Kerberos 5 support: Yes
FEATURE_DEBUG (debug build, slow code): No
32bit Atomic operations supported: Yes
64bit Atomic operations supported: Yes
memory allocator: system default
Runtime Instrumentation (slow code): No
uuid support: Yes
Number of Bits in RainerScript integers: 64
See http://www.rsyslog.com for more information.
*gnutls-cli -v*
gnutls-cli 3.3.26
Copyright (C) 2000-2017 Free Software Foundation, and others, all rights
reserved.
This is free software. It is licensed for use, modification and
redistribution under the terms of the GNU General Public License,
version 3 or later http://gnu.org/licenses/gpl.html
Please send bug reports to: [email protected]
*gnutls-serv -v*
gnutls-serv 3.3.26
Copyright (C) 2000-2017 Free Software Foundation, and others, all rights
reserved.
This is free software. It is licensed for use, modification and
redistribution under the terms of the GNU General Public License,
version 3 or later http://gnu.org/licenses/gpl.html
Please send bug reports to: [email protected]
*openssl version*
OpenSSL 1.0.2k-fips 26 Jan 2017
I could authenticate with gnutls-serv and openssl with same certificates
but rsyslog shows error.
Could you please let me know the reason and help me in resolving the issue?
Thanks,
Rajiv
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
