The error is very clear that rsyslog is not able to read the file, so either you
have the wrong path, or there is a permission problem (classic/apparmor/selinux
permissions).
If you enable debug logging and capture that, you can go through it looking for
the error message and see exactly what it's trying to access (to make sure it's
trying to access what you think it is).
David Lang
On Mon, 5 Feb 2024, Garry Allen wrote:
Thanks David
I have tried running it with rsyslogd -n as root but it gives the same error
message. I made sure before running it that the rsyslog service and the
syslog socket were stopped but it gives the same error. I should also say
that I have switched to openssl when the omrelp module is loaded. It
appears to be very similar to this question asked on stackoverflow at the
start of January
ubuntu with syslog with TLS and RELP certificate error
<https://stackoverflow.com/questions/77771294/syslog-with-tls-and-relp-certificate-error-issues>
Garry
On Mon, Feb 5, 2024 at 3:49 PM David Lang <da...@lang.hm> wrote:
On many systems, the permissions of a program started at boot are no longer
simple root (systemd is being configured to restrict the programs
significantly).
So I would suggest that you try starting rsyslog as root manually and see if
that avoids this error message. If so, then it's a difference in the
permissions when run as root vs when started at boot.
David Lang
On Mon, 5 Feb 2024, Garry Allen via rsyslog wrote:
I am trying to get Ubuntu 22.04 rsyslog clients to connect to a Red Hat 8.8
rsyslog server using RELP over TLS. The Red Hat server has been configured
using the guidelines supplied by Red Hat. Both client and server have
certificates issued by a common certificate authority. The Ubuntu client
is running apparmor. However the local apparmor config for rsyslog has been
updated to include the client certificate path with the root permission set
to r in the apparmor config.
I can do an openssl s_client -connect to the rsyslog server with the
CAfile, client certificate and key for the rsyslog client. When I attempt
to start the rsyslog service I am getting
"omrelp[server-FQDN:server port} error 'relpTcpInitTLS: Error CA
certificate could not be accessed. Is the file at the right path ? And do
we have the permissions?....."
I have tried putting apparmor into complain mode and stopping the apparmor
service altogether. Neither had any effect.
Is it something to do with the hostname and subjectAltName? The machine
does have a FQDN rather than a short hostname but it looks like the
hostname used by rsyslog is the short Ubuntu hostname. I'm looking for
suggestions.
thanks
Garry
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you
DON'T LIKE THAT.
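The thread narrows the error down to a wrong path or a permission problem. As an added example (not from the thread or the rsyslog project), this Python script walks every component of a certificate path and evaluates the classic owner/group/other mode bits for a given account. The path and account name given on the command line are assumptions, and AppArmor, SELinux, ACLs and systemd sandboxing are not modelled.

```python
import os


def _allowed(st, needed, uid, gids):
    """Classic Unix check: owner bits, else group bits, else other bits."""
    if uid == 0:
        return True  # root bypasses mode bits (MAC layers can still deny)
    bit = {"r": 4, "x": 1}[needed]
    if st.st_uid == uid:
        shift = 6
    elif st.st_gid in gids:
        shift = 3
    else:
        shift = 0
    return bool((st.st_mode >> shift) & bit)


def component_access(path, uid, gids):
    """Return [(component, needed, ok)] from / down to the file.

    Directories need search (x); the file itself needs read (r).
    Symlinks are resolved first, so the real location is what gets checked.
    """
    target = os.path.realpath(path)
    parts, cur = [], target
    while True:
        parts.append(cur)
        parent = os.path.dirname(cur)
        if parent == cur:
            break
        cur = parent
    results = []
    for comp in reversed(parts):
        needed = "r" if comp == target else "x"
        results.append((comp, needed, _allowed(os.stat(comp), needed, uid, gids)))
    return results


if __name__ == "__main__":
    import pwd
    import sys
    # Usage (both arguments are supplied by you): script.py <ca-file> <account>
    cert, user = sys.argv[1], sys.argv[2]
    pw = pwd.getpwnam(user)
    gids = set(os.getgrouplist(user, pw.pw_gid))
    for comp, needed, ok in component_access(cert, pw.pw_uid, gids):
        print("ok  " if ok else "DENY", needed, comp)
```

A DENY on a parent directory produces the same "could not be accessed" result even when the certificate file itself is world-readable.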