Hi, I am trying to set up rsyslog with a TLS connection to a remote server. I am able to run the rsyslog server with TLS successfully, but on the rsyslog client side I am getting certificate loading errors.
Here is the configuration and log info:

*Rsyslog-server-configuration:*

administrator@ubuntu-2:~$ cat /etc/rsyslog.d/logserver.conf
$DefaultNetstreamDriver gtls
$DefaultNetstreamDriverCAFile /etc/rsyslog/ca.pem
$DefaultNetstreamDriverCertFile /etc/rsyslog/rslserver-cert.pem
$DefaultNetstreamDriverKeyFile /etc/rsyslog/rslserver-key.pem
$ModLoad imtcp
$InputTCPServerStreamDriverAuthMode anon
$InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode
$ActionSendStreamDriverAuthMode x509/name
$ActionSendStreamDriverPermittedPeer dhcp-blr-kmgm-blk2-4fl-6fl-client-ip.in.oracle.com
$ActionSendStreamDriverMode 1 # run driver in TLS-only mode
$InputTCPServerRun 10514
# Increase the amount of open files rsyslog is allowed, which includes open tcp sockets
# This is important if there are many clients.
# http://www.rsyslog.com/doc/rsconf1_maxopenfiles.html
$MaxOpenFiles 2048
administrator@ubuntu-2:~$

*Rsyslog-client-configuration:*

administrator@ubutnu:~/rsyslog-certificates$ cat /etc/rsyslog.d/log-client.conf
$DefaultNetstreamDriver gtls
$DefaultNetstreamDriverCAFile /etc/rsyslog/ca.pem
$DefaultNetstreamDriverCertFile /etc/rsyslog/rslclient-cert.pem
$DefaultNetstreamDriverKeyFile /etc/rsyslog/rslclient-key.pem
$ActionSendStreamDriverPermittedPeer dhcp-blr-kmgm-blk2-4fl-6fl-remote-ip.in.oracle.com
$ActionSendStreamDriverMode 1 # run driver in TLS-only mode
$ActionSendStreamDriverAuthMode x509/name
*.* @@<remote-ip>:10514
administrator@ubuntu:~/rsyslog-certificates$

*Getting error logs on the client side.*

*/var/log/rsyslog*

May 18 13:14:52 Ubuntu rsyslogd: rsyslogd's groupid changed to 104
May 18 13:14:52 Ubuntu rsyslogd: rsyslogd's userid changed to 101
May 18 13:14:52 Ubuntu rsyslogd: [origin software="rsyslogd" swVersion="8.2206.0.c74f5c8523ef" x-pid="8898" x-info="https://www.rsyslog.com"] start
May 18 13:14:54 Ubuntu rsyslogd: error reading file - a common cause is that the file does not exist [v8.2206.0.c74f5c8523ef try https://www.rsyslog.com/e/2078 ]
May 18 13:14:54 Ubuntu rsyslogd: error adding our certificate. GnuTLS error -64, message: 'Error while reading file.', key: '/etc/rsyslog/rslclient-key.pem', cert: '/etc/rsyslog/rslclient-cert.pem' [v8.2206.0.c74f5c8523ef try https://www.rsyslog.com/e/2078 ]
May 18 13:14:54 Ubuntu rsyslogd: action 'action-11-builtin:omfwd' suspended (module 'builtin:omfwd'), retry 0. There should be messages before this one giving the reason for suspension. [v8.2206.0.c74f5c8523ef try https://www.rsyslog.com/e/2007 ]
May 18 13:14:55 Ubuntu rsyslogd: error reading file - a common cause is that the file does not exist [v8.2206.0.c74f5c8523ef try https://www.rsyslog.com/e/2078 ]
May 18 13:14:55 Ubuntu rsyslogd: error adding our certificate. GnuTLS error -64, message: 'Error while reading file.', key: '/etc/rsyslog/rslclient-key.pem', cert: '/etc/rsyslog/rslclient-cert.pem' [v8.2206.0.c74f5c8523ef try https://www.rsyslog.com/e/2078 ]
May 18 13:14:55 Ubuntu rsyslogd: action 'action-11-builtin:omfwd' suspended (module 'builtin:omfwd'), next retry is Wed May 18 13:15:25 2022, retry nbr 0. There should be messages before this one giving the reason for suspension. [v8.2206.0.c74f5c8523ef try https://www.rsyslog.com/e/2007 ]
May 18 13:15:00 Ubuntu rsyslogd: error reading file - a common cause is that the file does not exist [v8.2206.0.c74f5c8523ef try https://www.rsyslog.com/e/2078 ]
May 18 13:15:00 Ubuntu rsyslogd: error adding our certificate. GnuTLS error -64, message: 'Error while reading file.', key: '/etc/rsyslog/rslclient-key.pem', cert: '/etc/rsyslog/rslclient-cert.pem' [v8.2206.0.c74f5c8523ef try https://www.rsyslog.com/e/2078 ]
May 18 13:15:00 Ubuntu rsyslogd: action 'action-11-builtin:omfwd' suspended (module 'builtin:omfwd'), retry 1. There should be messages before this one giving the reason for suspension. [v8.2206.0.c74f5c8523ef try https://www.rsyslog.com/e/2007 ]
May 18 13:15:05 Ubuntu rsyslogd: error reading file - a common cause is that the file does not exist [v8.2206.0.c74f5c8523ef try https://www.rsyslog.com/e/2078 ]
May 18 13:15:05 Ubuntu rsyslogd: error adding our certificate. GnuTLS error -64, message: 'Error while reading file.', key: '/etc/rsyslog/rslclient-key.pem', cert: '/etc/rsyslog/rslclient-cert.pem' [v8.2206.0.c74f5c8523ef try https://www.rsyslog.com/e/2078 ]

Please help me fix this issue if I missed anything.

Thanks and Regards,
Sachin
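The log above shows rsyslogd changing to userid 101 and groupid 104 before GnuTLS reports that it cannot read the key and certificate, so one check worth making is whether that uid/gid can actually open each file named in the config. The following is an added example, not part of the original post or of rsyslog: the function names are hypothetical, the sandbox files are constructed placeholders, and the permission test assumes plain mode bits only (no ACLs, no supplementary groups).

```python
import os, re, tempfile

# Legacy-format directives that name the TLS files, as used in the post's config.
DIRECTIVE = re.compile(r"^\s*\$DefaultNetstreamDriver(CAFile|CertFile|KeyFile)\s+(\S+)")

def tls_files(conf_text):
    """Map each TLS file directive (CAFile/CertFile/KeyFile) to its path."""
    found = {}
    for line in conf_text.splitlines():
        m = DIRECTIVE.match(line)
        if m:
            found[m.group(1)] = m.group(2)
    return found

def allowed(st, uid, gid, bit):
    """True if uid/gid holds permission `bit` (4 = read, 1 = search) on st.
    Assumption: only owner/group/other mode bits are considered."""
    if uid == 0:
        return True
    shift = 6 if st.st_uid == uid else 3 if st.st_gid == gid else 0
    return bool((st.st_mode >> shift) & bit)

def check(path, uid, gid, top="/"):
    """Return 'ok' or the reason uid/gid cannot read `path`; directories are
    checked from the file's parent up to `top`."""
    if not os.path.isfile(path):
        return "missing"
    d = os.path.dirname(os.path.abspath(path))
    while True:
        if not allowed(os.stat(d), uid, gid, 1):
            return "no search permission on " + d
        if d == os.path.abspath(top) or d == os.path.dirname(d):
            break
        d = os.path.dirname(d)
    return "ok" if allowed(os.stat(path), uid, gid, 4) else "not readable"

def demo():
    """Constructed sandbox: an owner-only 0600 key, checked for another uid/gid."""
    top = tempfile.mkdtemp()
    os.chmod(top, 0o755)
    paths = {n: os.path.join(top, n) for n in ("ca.pem", "cert.pem", "key.pem")}
    for name, mode in (("ca.pem", 0o644), ("key.pem", 0o600)):  # cert.pem absent
        with open(paths[name], "w") as f:
            f.write("constructed placeholder, not a real PEM\n")
        os.chmod(paths[name], mode)
    conf = "\n".join("$DefaultNetstreamDriver%s %s" % (k, paths[v]) for k, v in
                     (("CAFile", "ca.pem"), ("CertFile", "cert.pem"), ("KeyFile", "key.pem")))
    uid, gid = os.getuid() + 1, os.getgid() + 1  # stand-ins for rsyslog's 101/104
    return {k: check(p, uid, gid, top) for k, p in tls_files(conf).items()}

if __name__ == "__main__":
    print(demo())
```

On a real client, the same check would be run as `check(path, 101, 104)` for each path returned by `tls_files()` on the contents of `/etc/rsyslog.d/log-client.conf`.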