[rsyslog-notify] Forum Thread: Mutual auth TLS: rsyslog doesn't terminate on 1st handshake - (Mode 'edit_topic')
noreply at adiscon.com
Tue Sep 27 18:30:35 CEST 2016
User: badgernaut
Forumlink: http://kb.monitorware.com/viewtopic.php?p=26941#p26941
Message:
----------
Hi,
Quick question:
I've set up mutual auth TLS (as specified in this tutorial:
http://www.rsyslog.com/doc/v8-stable/tutorials/tls_cert_summary.html),
however, if I test the connection using a client process that provides a
public certificate that is not correctly signed and issued by the Root CA,
then rsyslog still allows the initial connection (although the log messages
show that it detected the certificate was invalid, as I would expect for
AuthMode==x509/name), and only terminates the connection if a subsequent
message is sent to the socket from the rogue client.
My expectation was that it would terminate immediately upon finding the
client's public cert was bogus...
Is there an additional option I can pass in rsyslog.conf (or somewhere
else) that would enable this behaviour?
Thanks.