[rsyslog-notify] Forum Thread: TLS, but without supplying cert info? - (Mode 'post')
noreply at adiscon.com
noreply at adiscon.com
Tue Oct 21 20:02:09 CEST 2014
User: gazpacho
Forumlink: http://kb.monitorware.com/viewtopic.php?p=25038#p25038
Message:
----------
What happens if try to us TLS via RELP, but don't specify any of the cert
info?
It [i:2uzouz3h][u:2uzouz3h]seems[/u:2uzouz3h][/i:2uzouz3h] to still do
encryption.
[i:2uzouz3h]Where does it then pull the cert info from?[/i:2uzouz3h]
For example, if I have the following in syslog.conf...
[code:2uzouz3h]Input (type="imrelp"
port="10514"
tls="on"
)
[/code:2uzouz3h]
(and something similar for the matching omrelp side)
I can confirm with Wireshark that there appears to be a handshake to get
things going, and the communications are then encrypted. Is this true, and
if so, how secure is it?
More information about the rsyslog-notify
mailing list