Hi, I am trying to set up RELP communication over TLS on client and server. I have a couple of thousand hosts, so I was thinking to keep my current tcp/tls configuration where my syslog server will not authenticate the clients. In other words, my clients don't use certificates.
Is this doable with relp/tls? So far, no matter what I try, I am not able to successfully send/receive logs. I keep getting the following error on the server:

Jun 27 01:44:01 syslog001 rsyslogd[616432]: imrelp[6514]: error 'TLS handshake failed [gnutls error -110: The TLS connection was non-properly terminated.]', object 'lstn 6514: conn to clt 10.61.91.6/10.61.91.6' - input may not work as intended [v8.2102.0-13.el8 try https://www.rsyslog.com/e/2353 ]
Jun 27 01:44:01 syslog001 rsyslogd[616432]: imrelp[6514]: error 'TLS record write failed [gnutls error -408: Cannot perform this action while handshake is in progress.]', object 'lstn 6514: conn to clt 10.61.91.6/10.61.91.6' - input may not work as intended [v8.2102.0-13.el8 try https://www.rsyslog.com/e/2353 ]
Jun 27 01:44:01 syslog001 rsyslogd[616432]: imrelp[6514]: error 'TLS handshake failed [gnutls error -87: No supported cipher suites have been found.]', object 'lstn 6514: conn to clt 10.61.85.7/host1.internal.net' - input may not work as intended [v8.2102.0-13.el8 try https://www.rsyslog.com/e/2353 ]
Jun 27 01:44:01 syslog001 rsyslogd[616432]: imrelp[6514]: error 'TLS handshake failed [gnutls error -87: No supported cipher suites have been found.]', object 'lstn 6514: conn to clt 10.61.85.7/host1.internal.net' - input may not work as intended [v8.2102.0-13.el8 try https://www.rsyslog.com/e/2353 ]

The guide in [https://www.rsyslog.com/using-tls-with-relp/] states that:

"Anonymous authentication can be reached by simply using tls=”on”, but not setting any other parameters."

I followed the suggestion in the guide in order to have anonymous authentication, but that also did not work. Has anyone had any success configuring relp/anonymous tls on clients?
My config:

## Server
input(
    name="imrepl"
    type="imrelp"
    port="6514"
    Ruleset="forwarding"
    tls="on"
    tls.myCert="/etc/pki/rsyslog/rsyslog.crt"
    tls.myPrivKey="/etc/pki/rsyslog/srsyslog.key"
    tls.caCert="/etc/pki/rsyslog/CAbundle.pem"
)

## client
global(
    DefaultNetstreamDriver="gtls"
    DefaultNetstreamDriverCAFile="/etc/pki/rsyslog/CAbundle.pem"
)

*.* action(
    type="omrelp"
    target="syslog.internal"
    port="6514"
    tls="on"
)

Thanks
D.
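Added example, not part of the original post and not rsyslog project code: a small Python triage script that groups imrelp TLS errors of the form quoted above by GnuTLS error code and client, which shows at a glance which hosts fail in which way when thousands of them connect. The function names and the final sample line are assumptions constructed for illustration; the other sample lines are copied from the post.

```python
import re

# Matches imrelp TLS error lines in the form quoted in the post (v8.2102.0, GnuTLS).
IMRELP_TLS_ERR = re.compile(
    r"imrelp\[(?P<port>\d+)\]: error '(?P<what>[^\[']+?) "
    r"\[gnutls error (?P<code>-\d+): (?P<text>[^\]]+)\]', "
    r"object 'lstn \d+: conn to clt (?P<ip>[^/']+)/(?P<name>[^']+)'"
)

# First four lines are copied from the post; the last one is constructed
# (an unrelated rsyslog message) to show that non-TLS lines are skipped.
SAMPLE = """\
Jun 27 01:44:01 syslog001 rsyslogd[616432]: imrelp[6514]: error 'TLS handshake failed [gnutls error -110: The TLS connection was non-properly terminated.]', object 'lstn 6514: conn to clt 10.61.91.6/10.61.91.6' - input may not work as intended [v8.2102.0-13.el8 try https://www.rsyslog.com/e/2353 ]
Jun 27 01:44:01 syslog001 rsyslogd[616432]: imrelp[6514]: error 'TLS record write failed [gnutls error -408: Cannot perform this action while handshake is in progress.]', object 'lstn 6514: conn to clt 10.61.91.6/10.61.91.6' - input may not work as intended [v8.2102.0-13.el8 try https://www.rsyslog.com/e/2353 ]
Jun 27 01:44:01 syslog001 rsyslogd[616432]: imrelp[6514]: error 'TLS handshake failed [gnutls error -87: No supported cipher suites have been found.]', object 'lstn 6514: conn to clt 10.61.85.7/host1.internal.net' - input may not work as intended [v8.2102.0-13.el8 try https://www.rsyslog.com/e/2353 ]
Jun 27 01:44:01 syslog001 rsyslogd[616432]: imrelp[6514]: error 'TLS handshake failed [gnutls error -87: No supported cipher suites have been found.]', object 'lstn 6514: conn to clt 10.61.85.7/host1.internal.net' - input may not work as intended [v8.2102.0-13.el8 try https://www.rsyslog.com/e/2353 ]
Jun 27 01:44:02 syslog001 rsyslogd[616432]: action 'action-0-builtin:omfile' resumed (module 'builtin:omfile')
"""


def parse_line(line):
    """Return the fields of one imrelp TLS error line, or None for any other line."""
    m = IMRELP_TLS_ERR.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["code"] = int(rec["code"])
    return rec


def summarize(lines):
    """Group failures by GnuTLS error code: message text, hit count, distinct client IPs."""
    out = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        entry = out.setdefault(
            rec["code"], {"text": rec["text"], "count": 0, "clients": set()}
        )
        entry["count"] += 1
        entry["clients"].add(rec["ip"])
    return out


if __name__ == "__main__":
    ranked = sorted(summarize(SAMPLE.splitlines()).items(), key=lambda kv: -kv[1]["count"])
    for code, e in ranked:
        print(f"{code:>5}  x{e['count']:<3} {len(e['clients'])} client(s)  {e['text']}")
```

On the lines from the post this separates the client that fails cipher-suite negotiation (-87) from the client whose handshake is cut off (-110, followed by -408).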

