I would be surprised if this does not work, but I have not (yet) attempted to configure this. However it is a configuration that I need, so, I'm hoping to see an answer.
-derek On Sat, April 23, 2022 6:35 pm, Shane via rsyslog wrote: > Hi I am trying to get rsyslog to receive store/forward messages w/ tls on > both sides. > > client --->tls---> rsyslog --->tls---> remote.something > > I got it set up so i could send to the rsyslog server but then i couldn't > add another ca/cert files. My config was using global and > defaultnetstream > > I found on rsyslog.com that prior to 8.2202 it couldn't use tls on two > different source/dest. I found the cent 7 repo and got rsyslog-8.2204 > installed. Now nothing works. I think i got the config correct but the > client keeps getting rejected. > > Apr 23 17:13:39 rlog rsyslogd[11417]: GnuTLS handshake retry returned > error: The TLS connection was non-properly terminated. [v8.2204.0 try > https://www.rsyslog.com/e/2083 ] > Apr 23 17:13:39 rlog rsyslogd[11417]: netstream session 0x7f6a04013360 > from > 192.168.5.22 will be closed due to error [v8.2204.0 try > https://www.rsyslog.com/e/2089 ] > > So then i tried going to the ossl module. Now its even worse. My config > is a mess now too. > > Does tls on both sides work? > Do I need the 8.2202+ version? > Do you have an example config? > _______________________________________________ > rsyslog mailing list > https://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > DON'T LIKE THAT. > -- Derek Atkins 617-623-3745 de...@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant _______________________________________________ rsyslog mailing list https://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
