> -----Original Message----- > From: Derek Atkins <de...@ihtfp.com> > Sent: Freitag, 2. Juni 2023 15:27 > To: alorb...@adiscon.com > Cc: rsyslog-users <rsyslog@lists.adiscon.com>; Derek Atkins > <de...@ihtfp.com> > Subject: RE: [rsyslog] Omfwd OpenSSL TLS fails on 2023.04.0 > > Hi, > > On Fri, June 2, 2023 9:17 am, Andre Lorbach wrote: > > Hi, > > > > There has been no change on nsd_ossl.c driver since January 2023, so I > > believe this is not related to the different rsyslog versions you are > > running. > > The warnings tell you, that there is no client certificate configured > > which can be ok but unusual in this setup. The get rid of them I would > > recommend configuring a client certificate as well. > > I'm not using client-authentication, which is why there is no client cert. > Not sure why you consider it "unusual". But that's not the error I am > concerned about.
That is ok, but you will only have anon ciphers if you do not use a client side certificate. > > Regarding the SSL_ERROR_SYSCALL, it indicates a lower system level > > error which is 104 in your case. 104 means "Connection Reset by peer", > > so most likely the server dropped the client during handshake for some > reason. > > To tell more I would have to see debug log from the server. > > I wonder if there was some middleware that was doing something? I used > "openssl s_client" to connect to the server and it worked, and shortly > thereafter rsyslog started working too. Indeed, that's odd. If it happens again, I would be interested in the server-side error logged at the same time. Best regards, Andre Lorbach -- Adiscon GmbH Mozartstr. 21 97950 Großrinderfeld, Germany Ph. +49-9349-9298530 Geschäftsführer/President: Rainer Gerhards Reg.-Gericht Mannheim, HRB 560610 Ust.-IDNr.: DE 81 22 04 622 Web: www.adiscon.com - Mail: i...@adiscon.com Informations regarding your data privacy policy can be found here: https://www.adiscon.com/data-privacy-policy/ This e-mail may contain confidential and/or privileged information. If you are not the intended recipient or have received this e-mail in error please notify the sender immediately and delete this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren und die unbefugte Weitergabe dieser E-Mail sind nicht gestattet. _______________________________________________ rsyslog mailing list https://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
