[rsyslog-notify] Forum Thread: rsyslogd-2291: imrelp: could not activate relp listner - (Mode 'post')

noreply at adiscon.com noreply at adiscon.com
Wed Jan 20 17:13:18 CET 2016 

User: gidikern 
Forumlink: http://kb.monitorware.com/viewtopic.php?p=26289#p26289

Message: 
----------
Hi,

I'm trying to configure rsyslog tls with relp but keep getting errors.
I'm using RHEL 7.2 with rsyslog 8.15.
I do manage to send messages using relp + tls but without using the
certificates. When I'm addinf the certificates I'm getting the following
error:

[quote:1pngzouc]Jan 20 11:00:17 ip-10-0-0-114 rsyslogd-2353: imrelp[514]:
error 'Failed to set certificate trust files [gnutls error -64: Error while
reading file.]', object  'lstn 514' - input may not work as intended
[v8.15.0 try <!-- m --><a class="postlink"
href="http://www.rsyslog.com/e/2353">http://www.rsyslog.com/e/2353</a><!--
m --> ]
Jan 20 11:00:17 ip-10-0-0-114 rsyslogd-2291: imrelp: could not activate
relp listner, code 10031 [v8.15.0 try <!-- m --><a class="postlink"
href="http://www.rsyslog.com/e/2291">http://www.rsyslog.com/e/2291</a><!--
m --> ][/quote:1pngzouc]

The following is the server configuration:
[code:1pngzouc]module(load="imrelp" ruleset="relp")

input(type="imrelp" port="514" tls="on"
tls.caCert="/home/ec2-user/rsyslog/ca.pem"
tls.myCert="/home/ec2-user/rsyslog/server-cert.pem"
tls.myPrivKey="/home/ec2-user/rsyslog/server-key.pem"
tls.authmode="name"
tls.permittedpeer=["client.example.co"]
)

ruleset(name="relp") {
action(type="omfile" file="/var/log/relptls2")
}
[/code:1pngzouc]

The following is the client configuration:
[code:1pngzouc]module(load="omrelp")

action(type="omrelp" target="10.0.0.114" port="514" tls="on"
tls.caCert="/home/ec2-user/rsyslog/ca.pem"
tls.myCert="/home/ec2-user/rsyslog/client-cert.pem"
tls.myPrivKey="/home/ec2-user/rsyslog/client-key.pem"
tls.authmode="name"
tls.permittedpeer=["server.example.co"]
)
[/code:1pngzouc]

When I  remove the tls cert fields from the server configration I get 
client error:
[quote:1pngzouc]Jan 20 10:35:29 ip-10-0-0-206 rsyslogd-2353:
omrelp[10.0.0.114:514]: error 'Failed to set certificate trust file [gnutls
error -64: Error while reading file.]', object  'conn to srvr
10.0.0.114:514' - action may not work as intended [v8.15.0 try <!-- m --><a
class="postlink"
href="http://www.rsyslog.com/e/2353">http://www.rsyslog.com/e/2353</a><!--
m --> ][/quote:1pngzouc]

Help would be really really appreciated as I'm stack with this for long
time.
Thanks!!!!

More information about the rsyslog-notify mailing list