Completly wrong advise. You somewhere set the default to gtls.
grep -r gtls /etc To find where Rainer Sent from phone, thus brief. Ozgur Karatas via rsyslog <[email protected]> schrieb am Mi., 25. Juni 2025, 21:59: > Hello, > > i think you should completely uninstall rsyslog and compile and > install it because i think rpm package you have doesnt support TLS. > > git clone https://github.com/rsyslog/rsyslog.git > > ./autogen.sh > ./configure --enable-imudp --enable-imtcp --enable-omstdout > --enable-gnutls --enable-openssl > make > make install > > Ozgur > > Mehmet Avcioglu <[email protected]>, 25 Haz 2025 Çar, 22:56 tarihinde > şunu yazdı: > > > > > also remember dont forget that openssl is experimental. > > > > I am trying to find the more stable one, as mentioned before I see > > crashes with gnutls, and I figured I would try openssl based on > > earlier comments from David. > > > > My config is like below, I don't have load=gtls and I uninstalled > > rsyslog-gnutls package. I can compile the rsyslog package but was > > hoping that I could do it with precompiled packages. > > > > action( > > type="omrelp" > > target="10.3.2.5" > > port="11514" > > tls="on" > > tls.authmode="name" > > tls.permittedpeer=["host.domain.com"] > > ) > > > > # rsyslogd -v > > rsyslogd 8.2502.0 (aka 2025.02) compiled with: > > PLATFORM: x86_64-redhat-linux-gnu > > PLATFORM (lsb_release -d): > > FEATURE_REGEXP: Yes > > GSSAPI Kerberos 5 support: Yes > > FEATURE_DEBUG (debug build, slow code): No > > 32bit Atomic operations supported: Yes > > 64bit Atomic operations supported: Yes > > memory allocator: system default > > Runtime Instrumentation (slow code): No > > uuid support: Yes > > systemd support: Yes > > Config file: /etc/rsyslog.conf > > PID file: /var/run/syslogd.pid > > Number of Bits in RainerScript integers: 64 > > > > # rpm -qa|grep rsyslog > > rsyslog-8.2502.0-1.el8.x86_64 > > rsyslog-relp-8.2502.0-1.el8.x86_64 > > rsyslog-openssl-8.2502.0-1.el8.x86_64 > > > > > > On Wed, Jun 25, 2025 at 9:56 PM Ozgur Karatas <[email protected]> wrote: > > > > > > Mehmet Avcioglu via rsyslog <[email protected]>, 25 Haz 2025 > > > Çar, 15:38 tarihinde şunu yazdı: > > > > > > > > How does rsyslog decide whether to use gnutls or openssl? I > > > > specifically installed the rsyslog-openssl package and removed > > > > rsyslog-gnutls package from Rocky8 servers, but possibly gnutls is > > > > still used instead of openssl, as the logs reference gnutls and I > > > > still see rsyslog linking to gnutls library. Any insight would be > > > > appreciated. > > > > > > > > > > Hello, > > > > > > first use rsyslogd -v and check TLS support. > > > second check your config: > > > > > > module(load="gtls") - gnutls > > > module(load="omrelp") - relp tls > > > > > > also remember dont forget that openssl is experimental. > > > if you use source code please use: > > > > > > ./configure --enable-openssl > > > > > > Ozgur > > > > > > > > > > I am using 8.2502 and relp. The reason why I want to try openssl > > > > instead of gnutls is that sometimes (which I cannot reproduce myself) > > > > right after gnutls error messages, like the ones given below, client > > > > rsyslog exits. > > > > > > > > omrelp[11514]: error 'TLS record write failed [gnutls error -53: > Error > > > > in the push function.]' > > > > imrelp[11514]: error 'TLS record write failed [gnutls error -408: > > > > Cannot perform this action while handshake is in progress.]', object > > > > 'lstn 11514: conn to clt 10.6.9.4' - input may not work as intended > > > > "imrelp[11514]: error 'TLS handshake failed [gnutls error -54: Error > > > > in the pull function.]', object 'lstn 11514: conn to clt 10.6.9.4' - > > > > input may not work as intended" > > > > > > > > # ldd /lib64/rsyslog/omrelp.so | grep -E 'ssl|gnutls' > > > > libgnutls.so.30 => /lib64/libgnutls.so.30 (0x00007894a4400000) > > > > libssl.so.1.1 => /lib64/libssl.so.1.1 (0x00007894a4000000) > > > > > > > > # lsof -p $(pidof rsyslogd) | grep -E 'ssl|gnutls' > > > > rsyslogd 2077751 root mem REG 253,0 619872 > > > > 402886459 /usr/lib64/libssl.so.1.1.1k > > > > rsyslogd 2077751 root mem REG 253,0 2051648 > > > > 402886940 /usr/lib64/libgnutls.so.30.28.2 > > > > > > > > # cat /proc/$(pidof rsyslogd)/maps | grep -E 'ssl|gnutls' > > > > 7ffad7d8d000-7ffad7e14000 r-xp 00000000 fd:00 402886459 > > > > /usr/lib64/libssl.so.1.1.1k > > > > 7ffad7e14000-7ffad8014000 ---p 00087000 fd:00 402886459 > > > > /usr/lib64/libssl.so.1.1.1k > > > > 7ffad8014000-7ffad801d000 r--p 00087000 fd:00 402886459 > > > > /usr/lib64/libssl.so.1.1.1k > > > > 7ffad801d000-7ffad8021000 rw-p 00090000 fd:00 402886459 > > > > /usr/lib64/libssl.so.1.1.1k > > > > 7ffad8022000-7ffad81ff000 r-xp 00000000 fd:00 402886940 > > > > /usr/lib64/libgnutls.so.30.28.2 > > > > 7ffad81ff000-7ffad83fe000 ---p 001dd000 fd:00 402886940 > > > > /usr/lib64/libgnutls.so.30.28.2 > > > > 7ffad83fe000-7ffad840f000 r--p 001dc000 fd:00 402886940 > > > > /usr/lib64/libgnutls.so.30.28.2 > > > > 7ffad840f000-7ffad8411000 rw-p 001ed000 fd:00 402886940 > > > > /usr/lib64/libgnutls.so.30.28.2 > > > > > > > > Thank you > > > > > > > > -- > > > > Mehmet > > > > _______________________________________________ > > > > rsyslog mailing list > > > > https://lists.adiscon.net/mailman/listinfo/rsyslog > > > > http://www.rsyslog.com/professional-services/ > > > > What's up with rsyslog? Follow https://twitter.com/rgerhards > > > > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a > myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if > you DON'T LIKE THAT. > > > > > > > _______________________________________________ > rsyslog mailing list > https://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > DON'T LIKE THAT. _______________________________________________ rsyslog mailing list https://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
