Hi all,

I am pretty lost with rsyslog with a TCP receiver with TLS. My software
versions are:

syslogd -v
rsyslogd 7.4.4, compiled with:
    FEATURE_REGEXP:                Yes
    FEATURE_LARGEFILE:            No
    GSSAPI Kerberos 5 support:        Yes
    FEATURE_DEBUG (debug build, slow code):    No
    32bit Atomic operations supported:    Yes
    64bit Atomic operations supported:    Yes
    Runtime Instrumentation (slow code):    No
    uuid support:                Yes

gnutls-cli -v
gnutls-cli (GnuTLS) 2.12.23
Packaged by Debian (2.12.23-12ubuntu2.5)
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

This is the relevant part of my config:

$DefaultNetstreamDriver gtls
$DefaultNetstreamDriverCAFile /etc/rsyslog.d/ca-cert.pem
$DefaultNetstreamDriverCertFile /etc/rsyslog.d/server-cert.pem
$DefaultNetstreamDriverKeyFile /etc/rsyslog.d/server-key.pem
#$ModLoad imtcp
$InputTCPMaxSessions 1000
$InputTCPServerStreamDriverMode 1
$InputTCPServerStreamDriverAuthMode x509/name
$InputTCPServerStreamDriverPermittedPeer host.host.com

On the client side I have generated the certificates from the same CA,
and configured it like this:
DefaultNetstreamDriverCAFile /etc/rsyslog/ca-key.pem
$DefaultNetstreamDriverCertFile /etc/rsyslog/host-cert.pem
$DefaultNetstreamDriverKeyFile /etc/rsyslog/host-key.pem
$ActionSendStreamDriver gtls # use gtls netstream driver
$ActionSendStreamDriverMode 1 # require TLS
$ActionSendStreamDriverAuthMode x509/name
#$ActionSendStreamDriverPermittedPeer server.host.host

The error I have is the following:

LogServer rsyslogd-2078: netstream session 0x7fb070004d80 will be closed
due to error

If I enable debug, the relevant parts are:

4604.960233682:7fb0777fe700: omfile: start of data: 'Mar  7 16:30:04
LogServer rsyslogd-2078: netstream session 0x7fb070004d80 will be closed
due to error [try http://www.rsyslog.c'

For the certificate creation, I have used this guide:

http://www.rsyslog.com/doc/v7-stable/tutorials/tls_cert_ca.html

If I set the TLS authentication to "anon", it works correctly
($ActionSendStreamDriverAuthMode anon).

Any idea how to debug this?

Cheers,
Claudio.
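
A lint pass over the legacy-format TLS directives quoted in the message above, as an added example that is not part of the original post and is not rsyslog code. The function name, the regular expression and the "certificate path named like a key" heuristic are assumptions made for illustration; the input is the client-side block as posted.

```python
import re

# Client-side directives exactly as quoted in the message above.
CLIENT_CONF = """\
DefaultNetstreamDriverCAFile /etc/rsyslog/ca-key.pem
$DefaultNetstreamDriverCertFile /etc/rsyslog/host-cert.pem
$DefaultNetstreamDriverKeyFile /etc/rsyslog/host-key.pem
$ActionSendStreamDriver gtls # use gtls netstream driver
$ActionSendStreamDriverMode 1 # require TLS
$ActionSendStreamDriverAuthMode x509/name
#$ActionSendStreamDriverPermittedPeer server.host.host
"""

# TLS-related legacy directives: netstream driver, sender and TCP input.
TLS_DIRECTIVE = re.compile(
    r"^\$?((?:DefaultNetstream|ActionSendStream|InputTCPServerStream)Driver\w*)\s+(\S+)",
    re.IGNORECASE,
)

def lint_tls_directives(conf):
    """Return sorted (line_no, message) findings for one side's config."""
    findings, active = [], {}
    for no, raw in enumerate(conf.splitlines(), 1):
        line = raw.strip()
        m = TLS_DIRECTIVE.match(line)  # commented-out lines start with '#': no match
        if not m:
            continue
        name, value = m.group(1).lower(), m.group(2)
        if line.startswith("$"):
            active[name] = (no, value)
        else:
            findings.append((no, "missing leading '$' on a legacy directive"))
        # Heuristic (assumption): a CA/cert path whose file name contains "key".
        if name.endswith(("cafile", "certfile")) and "key" in value.rsplit("/", 1)[-1].lower():
            findings.append((no, "certificate path is named like a private key"))
    for name, (no, value) in active.items():
        # Name and fingerprint modes compare the peer against a configured list.
        if name.endswith("authmode") and value.lower() in ("x509/name", "x509/fingerprint"):
            if name[: -len("authmode")] + "permittedpeer" not in active:
                findings.append((no, "auth mode set but no active PermittedPeer line"))
    return sorted(findings)

if __name__ == "__main__":
    for no, msg in lint_tls_directives(CLIENT_CONF):
        print(f"line {no}: {msg}")
```

The findings only describe what is written in the file; whether the CA file really holds a certificate still has to be checked against the file itself.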

_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog