Hi, I'm setting up centralized logging with rsyslog and RELP and I want to secure things with TLS.
However, it's not really clear to me what TLS authentication modes rsyslog / RELP supports? Is server authentication only supported or is mutual authentication always required?

The documentation tutorials set up mutual authentication with client certificates included, but I'm not sure if that is due to them being required or just to provide a comprehensive example.

On the imrelp documentation page at:
https://www.rsyslog.com/doc/v8-stable/configuration/modules/imrelp.html

Under TLS.PermittedPeer it says:
---
Peer places access restrictions on this listener. Only peers which have been listed in this parameter may connect. The validation bases on the certificate the remote peer presents.
---
To me it sounds like if you don't configure this, client authentication is not required?

But also...

Under TLS.AuthMode it says:
---
type   | default | mandatory
----------------------------
string | none    | no

Sets the mode used for mutual authentication.
---
This sounds like the actual setting for mutual authentication... With this set to "none", I would assume mutual authentication is not required?

Currently without configuring certificates on clients my TLS handshakes are failing and now I'm unsure if it's due to TLS library issues or due to client certificates being required?

It would be nice if mutual authentication is not required since the overhead of creating certificates for every client is really big...

