[rsyslog-notify] Forum Thread: RSyslog TLS configuration - (Mode 'post')
noreply at adiscon.com
Thu Jan 15 10:58:50 CET 2015
User: LukasLukasLukas
Forumlink: http://kb.monitorware.com/viewtopic.php?p=25174#p25174
Message:
----------
Hi there,
I am using RSyslog 4.6.4 on Debian.
I want to configure TLS for Syslog.
This is my client rsyslog.conf.
[code]
$ModLoad imuxsock # provides support for local system logging
$ModLoad imklog # provides kernel logging support (previously done by rklogd)
$DefaultNetstreamDriver gtls
#certificate files
$DefaultNetstreamDriverCAFile /etc/cert.pem
$DefaultNetstreamDriverCertFile /etc/cert.pem
$DefaultNetstreamDriverKeyFile /etc/cert.pem
#$ActionSendStreamDriverAuthMode x509/name
#$ActionSendStreamDriverPermittedPeer 192.168.2.1
$ActionSendStreamDriverMode 1 # run driver in TLS-only mode
*.* @@192.168.2.1:6514
*.* /log/logfile.log
[/code]
In my rsyslog client config I am getting the following messages:
- [i]not permitted to talk to peer, certificate invalid: signer not found[/i]
- [i]invalid cert info: peer provided 1 certificate(s). Certificate 1 info: certificate valid from Fri Jun 6 14:21:00 2014 to Wed Jun 5 14:21:00 2024; Certificate public key ...[/i]
It doesn't matter if I include those two comments above or not.
It seems the server certificate must be wrong, but it has a signer in it, so I think there is something wrong with my config.
Any suggestions?
Thanks in advance.
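
An added example, not part of the original post and not rsyslog code: a small Python check that reads legacy-format directives like the ones in the client config above and lists which TLS peer-authentication settings are actually active. The function names and finding labels are made up for this example; it ignores the order in which directives apply to actions and does not diagnose the error quoted in the post.

```python
import re

# Constructed sample: the TLS-related lines of the client config in the post.
SAMPLE_CONF = """\
$DefaultNetstreamDriver gtls
$DefaultNetstreamDriverCAFile /etc/cert.pem
$DefaultNetstreamDriverCertFile /etc/cert.pem
$DefaultNetstreamDriverKeyFile /etc/cert.pem
#$ActionSendStreamDriverAuthMode x509/name
#$ActionSendStreamDriverPermittedPeer 192.168.2.1
$ActionSendStreamDriverMode 1 # run driver in TLS-only mode
*.* @@192.168.2.1:6514
"""

DIRECTIVE = re.compile(r"^\$(\w+)\s+([^#\s]+)")  # value stops at '#' or space
TCP_FORWARD = re.compile(r"^\S+\s+@@(\S+)")      # selector followed by @@host:port

def parse(conf):
    """Return (active directives, TCP forwarding targets); commented lines are skipped."""
    directives, targets = {}, []
    for raw in conf.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = DIRECTIVE.match(line)
        if m:
            directives.setdefault(m.group(1).lower(), []).append(m.group(2))
        elif TCP_FORWARD.match(line):
            targets.append(TCP_FORWARD.match(line).group(1))
    return directives, targets

def audit(conf):
    """List findings (labels are hypothetical) about the TLS client settings."""
    d, targets = parse(conf)
    get = lambda key: (d.get(key) or [None])[-1]  # last active value wins
    tls = get("defaultnetstreamdriver") == "gtls" and get("actionsendstreamdrivermode") == "1"
    ca, key = get("defaultnetstreamdrivercafile"), get("defaultnetstreamdriverkeyfile")
    findings = []
    if targets and not tls:
        findings.append("tcp-forward-without-tls")
    if ca is None:
        findings.append("no-ca-file")
    if key is not None and key == ca:
        findings.append("key-shares-ca-file")     # private key sits in the trust-anchor file
    if tls and get("actionsendstreamdriverauthmode") is None:
        findings.append("authmode-not-set")
    if tls and "actionsendstreamdriverpermittedpeer" not in d:
        findings.append("no-permitted-peer")
    return findings
```
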