https://www.rsyslog.com/doc/v8-stable/configuration/modules/imtcp.html
https://www.rsyslog.com/doc/v8-stable/configuration/modules/omfwd.html HTH Rainer Sent from phone, thus brief. Derek Atkins <de...@ihtfp.com> schrieb am Di., 17. Mai 2022, 22:01: > Hi, > > Are there docs on how to set this up on a per-input and/or per-omfwd basis? > > All the docs I can find suggest setting the global DefaultNetstreamDriver* > variables, which in my case are not what I want because I need to be able > to use different keys/certs/CAs for the input/imtcp vs the omfwd > operations. > > I am running 8.2204.1. > > Thanks, > > -derek > > On Mon, April 25, 2022 3:03 am, Rainer Gerhards via rsyslog wrote: > > Yes, it's possible. Worked on that for quite some time last year ;-) > > > > Rainer > > > > El lun, 25 abr 2022 a las 7:41, Mariusz Kruk via rsyslog > > (<rsyslog@lists.adiscon.com>) escribió: > >> > >> There were some improvements to TLS handling introduced over several > >> versions so you'd have to review the changelog and docs. > >> > >> But from what I see, the omfwd module supports setting separate TLS > >> key/cert/cacert per action since 8.2108. > >> > >> The imtcp module also supports setting those on a per-input level since > >> 8.2108. > >> > >> So it should work. > >> > >> It is always a good idea to do a tcpdump and see how the handshake > >> progresses and when and where it fails. > >> > >> MK > >> > >> On 24.04.2022 00:35, Shane via rsyslog wrote: > >> > Hi I am trying to get rsyslog to receive store/forward messages w/ tls > >> on > >> > both sides. > >> > > >> > client --->tls---> rsyslog --->tls---> remote.something > >> > > >> > I got it set up so i could send to the rsyslog server but then i > >> couldn't > >> > add another ca/cert files. My config was using global and > >> defaultnetstream > >> > > >> > I found on rsyslog.com that prior to 8.2202 it couldn't use tls on > two > >> > different source/dest. I found the cent 7 repo and got rsyslog-8.2204 > >> > installed. Now nothing works. I think i got the config correct but > >> the > >> > client keeps getting rejected. > >> > > >> > Apr 23 17:13:39 rlog rsyslogd[11417]: GnuTLS handshake retry returned > >> > error: The TLS connection was non-properly terminated. [v8.2204.0 try > >> > https://www.rsyslog.com/e/2083 ] > >> > Apr 23 17:13:39 rlog rsyslogd[11417]: netstream session 0x7f6a04013360 > >> from > >> > 192.168.5.22 will be closed due to error [v8.2204.0 try > >> > https://www.rsyslog.com/e/2089 ] > >> > > >> > So then i tried going to the ossl module. Now its even worse. My > >> config > >> > is a mess now too. > >> > > >> > Does tls on both sides work? > >> > Do I need the 8.2202+ version? > >> > Do you have an example config? > >> > _______________________________________________ > >> > rsyslog mailing list > >> > https://lists.adiscon.net/mailman/listinfo/rsyslog > >> > http://www.rsyslog.com/professional-services/ > >> > What's up with rsyslog? Follow https://twitter.com/rgerhards > >> > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a > >> myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST > >> if you DON'T LIKE THAT. > >> _______________________________________________ > >> rsyslog mailing list > >> https://lists.adiscon.net/mailman/listinfo/rsyslog > >> http://www.rsyslog.com/professional-services/ > >> What's up with rsyslog? Follow https://twitter.com/rgerhards > >> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > >> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > >> DON'T LIKE THAT. > > _______________________________________________ > > rsyslog mailing list > > https://lists.adiscon.net/mailman/listinfo/rsyslog > > http://www.rsyslog.com/professional-services/ > > What's up with rsyslog? Follow https://twitter.com/rgerhards > > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > > DON'T LIKE THAT. > > > -- > Derek Atkins 617-623-3745 > de...@ihtfp.com www.ihtfp.com > Computer and Internet Security Consultant > > _______________________________________________ rsyslog mailing list https://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
