[rsyslog-notify] Forum Thread: Getting gibberish in the log using TLS - (Mode 'post')
noreply at adiscon.com
Mon Sep 1 20:04:33 CEST 2014
User: LinuxDude2014
Forumlink: http://kb.monitorware.com/viewtopic.php?p=24898#p24898
Message:
----------
I am getting gibberish in the log using TLS
Ex:
[root at logging 11.11.22.22]# cat \#026#003#002#000V#001#000#000R#003#002T#004.log
2014-09-01T12:12:39.835779-05:00 11.11.22.22
#026#003#002#000V#001#000#000R#003#002T#004�#007O"�^�=��#032�8;�i�#015X�#005iY#011h��#031`>#000#000$#0003#000E#0009#000�#000#026#0002#000D#0008#000�#000#023#000f#000/#000A#0005#000�
2014-09-01T12:13:13.206696-05:00 11.11.22.22
#026#003#002#000V#001#000#000R#003#002T#004�)V�.���K0&��6=җ���<#002�����#020��#000#000$#0003#000E#0009#000�#000#026#0002#000D#0008#000�#000#023#000f#000/#000A#0005#000�
2014-09-01T12:13:18.973545-05:00 11.11.22.22
#026#003#002#000V#001#000#000R#003#002T#004�/*�L��V'���»�����$R#005#177��#023�E�[#000#000$#0003#000E#0009#000�#000#026#0002#000D#0008#000�#000#023#000f#000/#000A#0005#000�
2014-09-01T12:20:34.056972-05:00 11.11.22.22
A connection is OK:
root at server134 [~]# openssl s_client -connect 69.65.26.34:10514
CONNECTED(00000003)
Does the client need a crt and key at all? The instructions just say to
use a CA; I used the same CA that's on the server.
The client setup is equally simple. You need less certificates, just the CA
cert.
# certificate files - just CA for a client
$DefaultNetstreamDriverCAFile /path/to/contrib/gnutls/ca.pem
In my client config I added this:
[code:3thrm9f8]
# certificate files - just CA for a client
$DefaultNetstreamDriverCAFile /root/ca.pem
# set up the action
$DefaultNetstreamDriver gtls # use gtls netstream driver
$ActionSendStreamDriverMode 1 # require TLS for the connection
$ActionSendStreamDriverAuthMode anon # server is NOT authenticated
authpriv.* @@(o)69.65.26.34:10514 #
[/code:3thrm9f8]
And on the server I have:
[code:3thrm9f8]
# make gtls driver the default
$DefaultNetstreamDriver gtls
# certificate files
$DefaultNetstreamDriverCAFile /root/ca.pem
$DefaultNetstreamDriverCertFile /root/cert.pem
$DefaultNetstreamDriverKeyFile /root/key.pem
$ModLoad imtcp # load TCP listener
$InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode
$InputTCPServerStreamDriverAuthMode anon # client is NOT authenticated
$InputTCPServerRun 10514 # start up listener at port 10514
[/code:3thrm9f8]
How can I fix/further troubleshoot this?
Not using TLS it logs OK.
TIA
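
Added example, not part of the original post: rsyslog writes each received control character as '#' followed by three octal digits, so the readable prefix of the logged line above can be turned back into bytes and compared with the TLS record header layout. The function names are hypothetical and SAMPLE is only the ASCII-recoverable prefix copied from the post.

```python
import re

# Leading bytes of the logged message, copied from the sample in the post.
# The rest of each logged line is lossy (replacement characters), so unused.
SAMPLE = "#026#003#002#000V#001#000#000R#003#002T#004"

CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
HANDSHAKE_TYPES = {1: "client_hello", 2: "server_hello"}
VERSIONS = {(3, 0): "SSL 3.0", (3, 1): "TLS 1.0",
            (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}


def unescape(text):
    """Undo rsyslog's control-character escaping: '#' + three octal digits.

    Caveat: a literal '#' followed by three octal digits in a genuine
    message is indistinguishable from an escape and is decoded too.
    """
    out, pos = bytearray(), 0
    for m in re.finditer(r"#([0-3][0-7]{2})", text):
        out += text[pos:m.start()].encode("latin-1", "replace")
        out.append(int(m.group(1), 8))
        pos = m.end()
    out += text[pos:].encode("latin-1", "replace")
    return bytes(out)


def describe_tls_prefix(text):
    """Return TLS record/handshake header fields, or None if not TLS-like."""
    raw = unescape(text)
    if len(raw) < 5 or raw[0] not in CONTENT_TYPES:
        return None
    if (raw[1], raw[2]) not in VERSIONS:
        return None
    info = {"content_type": CONTENT_TYPES[raw[0]],
            "record_version": VERSIONS[(raw[1], raw[2])],
            "record_length": int.from_bytes(raw[3:5], "big")}
    if raw[0] == 22 and len(raw) >= 11:  # handshake header + hello version
        info["handshake_type"] = HANDSHAKE_TYPES.get(raw[5], "other")
        info["handshake_length"] = int.from_bytes(raw[6:9], "big")
        if raw[5] in HANDSHAKE_TYPES:
            info["hello_version"] = VERSIONS.get((raw[9], raw[10]), "unknown")
    return info


if __name__ == "__main__":
    print(describe_tls_prefix(SAMPLE))
```

For the sample this reports a TLS 1.1 handshake record carrying a ClientHello, which means the sender's handshake bytes reached the syslog parser as message text instead of being consumed by a TLS layer on the receiving side.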