<p dir="ltr">The SSL alert is sent by the client, thus the client didn't accept the certificate of the server. Can you paste that config as well?</p>
<div class="gmail_quote">On Jun 24, 2015 11:44 AM, "Schulte, Klaus (Nokia - DE/Ulm)" &lt;<a href="mailto:klaus.schulte@nokia.com">klaus.schulte@nokia.com</a>&gt; wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Dear all,<br>
<br>
I have these source settings for TLS:<br>
<br>
source s_tcp_tls {<br>
network( transport("tls")<br>
ip(10.46.130.65) port(6514)<br>
tls(<br>
peer-verify("optional-untrusted")<br>
key-file("/etc/syslog-ng/key.d/syslog-ng.key")<br>
cert-file("/etc/syslog-ng/cert.d/syslog-ng.cert")<br>
)<br>
);<br>
};<br>
<br>
But when a client connects via TCP/TLS to the syslog-ng service..<br>
<br>
In syslog-ng these messages are showing up:<br>
<br>
syslog-ng starting up; version='3.5.6'<br>
Syslog connection accepted; fd='12', client='AF_INET(10.46.160.78:48075)', local='AF_INET(10.46.130.65:6514)'<br>
SSL error while reading stream; tls_error='SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca'<br>
I/O error occurred while reading; fd='12', error='Connection reset by peer (104)'<br>
Syslog connection closed; fd='12', client='AF_INET(10.46.160.78:48075)', local='AF_INET(10.46.130.65:6514)'<br>
Closing log transport fd; fd='12'<br>
<br>
I don't know why syslog-ng is proving the CA?<br>
As far as I know the configuration is a non-mutual authentication - so the CA shouldn't play a role in this - is this correct?<br>
<br>
The client sends messages in RFC5424 format.<br>
<br>
Any help is appreciated - I've no clue what's going wrong.<br>
<br>
Best regards<br>
Klaus<br>
</blockquote></div>
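<p>Added example, not part of the original thread: a Python triage of the syslog-ng lines quoted above. It treats OpenSSL's "tlsv1 alert ..." wording raised in SSL3_READ_BYTES as an alert received from the peer and ties it to the client address. The function name <code>triage</code>, the result fields, and the rule that the next line naming an fd belongs to the same connection are assumptions of this example.</p>

```python
import re

# Certificate-related TLS alert descriptions and codes (RFC 5246, section 7.2).
CERT_ALERTS = {
    "bad certificate": 42, "unsupported certificate": 43,
    "certificate revoked": 44, "certificate expired": 45,
    "certificate unknown": 46, "unknown ca": 48,
}
KV = re.compile(r"([\w-]+)='([^']*)'")
# OpenSSL words an alert received from the peer as "tlsv1 alert ..." or
# "sslv3 alert ...", raised while reading records (SSL3_READ_BYTES).
RECEIVED = re.compile(r"SSL3_READ_BYTES:(?:sslv3|tlsv1) alert (.+)")

def triage(lines):
    """Return one finding per TLS alert that the remote peer sent to us."""
    peers, pending, findings = {}, None, []
    for line in lines:
        kv = dict(KV.findall(line))
        if line.startswith("Syslog connection accepted"):
            peers[kv["fd"]] = kv["client"]
        m = RECEIVED.search(kv.get("tls_error", ""))
        if m:
            pending = m.group(1)  # this line has no fd; wait for one that does
        elif pending and "fd" in kv:
            # Assumption: the next line naming an fd is the same connection.
            findings.append({
                "peer": peers.get(kv["fd"], "unknown"),
                "alert": pending,
                "code": CERT_ALERTS.get(pending),
                "sent_by": "peer",
                # A certificate alert from the peer is about the cert we presented.
                "about_local_cert": pending in CERT_ALERTS,
            })
            pending = None
    return findings

# Lines copied from the log in the quoted message.
SAMPLE = [
    "Syslog connection accepted; fd='12', client='AF_INET(10.46.160.78:48075)', local='AF_INET(10.46.130.65:6514)'",
    "SSL error while reading stream; tls_error='SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca'",
    "I/O error occurred while reading; fd='12', error='Connection reset by peer (104)'",
]

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```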