The SSL alert is sent by the client, thus the client didn't accept the certificate of the server. Can you paste that config as well?
Dear all,
I have these source settings for TLS:
source s_tcp_tls {
    network(
        transport("tls")
        ip(10.46.130.65) port(6514)
        tls(
            peer-verify("optional-untrusted")
            key-file("/etc/syslog-ng/key.d/syslog-ng.key")
            cert-file("/etc/syslog-ng/cert.d/syslog-ng.cert")
        )
    );
};
But when a client connects via TCP/TLS to the syslog-ng service...
In syslog-ng these messages are showing up:
syslog-ng starting up; version='3.5.6'
Syslog connection accepted; fd='12', client='AF_INET(10.46.160.78:48075)', local='AF_INET(10.46.130.65:6514)'
SSL error while reading stream; tls_error='SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca'
I/O error occurred while reading; fd='12', error='Connection reset by peer (104)'
Syslog connection closed; fd='12', client='AF_INET(10.46.160.78:48075)', local='AF_INET(10.46.130.65:6514)'
Closing log transport fd; fd='12'
I don't know why syslog-ng is proving the CA?
As far as I know the configuration is a non-mutual authentication - so the CA shouldn't play a role in this - is this correct?
The client sends messages in RFC5424 format.
Any help is appreciated - I've no clue what's going wrong.
Best regards
Klaus
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
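
Added example, not part of the original thread and not syslog-ng code: a small triage script that applies the point made in the reply, namely that an OpenSSL "alert ..." error on the server side is an alert received from the client. The function name, the finding fields and the rule that the next line naming an fd belongs to the same connection are assumptions of this example.

```python
import re

# OpenSSL reports "sslv3/tlsv1 alert <name>" only for alerts RECEIVED from the
# peer. Each name below means the peer rejected the certificate we presented.
CERT_ALERTS = {
    "unknown ca": "peer does not trust the CA that issued our certificate",
    "bad certificate": "peer found our certificate corrupt or its signature invalid",
    "unsupported certificate": "peer does not support our certificate type",
    "certificate revoked": "peer considers our certificate revoked",
    "certificate expired": "peer considers our certificate expired or not yet valid",
    "certificate unknown": "peer rejected our certificate for an unspecified reason",
}
ACCEPT = re.compile(r"connection accepted; fd='(\d+)', client='AF_INET\(([^)]+)\)'")
ALERT = re.compile(r"tls_error='SSL routines:[^:']*:(?:sslv3|tlsv1) alert ([a-z ]+)'")
FD = re.compile(r"fd='(\d+)'")

def triage(lines):
    """Return one finding per TLS alert, attributed to the client that sent it."""
    clients, pending, findings = {}, None, []
    for line in lines:
        if m := ACCEPT.search(line):
            clients[m.group(1)] = m.group(2)      # remember fd -> client address
        elif m := ALERT.search(line):
            pending = m.group(1)                  # the tls_error line carries no fd
        elif pending and (m := FD.search(line)):
            # Assumption: the next line naming an fd is the same connection.
            findings.append({
                "client": clients.get(m.group(1), "unknown"),
                "alert": pending,
                "sent_by": "peer",
                "meaning": CERT_ALERTS.get(pending, "not a certificate-trust alert"),
            })
            pending = None
    return findings

# Log lines copied from the post above.
SAMPLE = [
    "Syslog connection accepted; fd='12', client='AF_INET(10.46.160.78:48075)', local='AF_INET(10.46.130.65:6514)'",
    "SSL error while reading stream; tls_error='SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca'",
    "I/O error occurred while reading; fd='12', error='Connection reset by peer (104)'",
    "Syslog connection closed; fd='12', client='AF_INET(10.46.160.78:48075)', local='AF_INET(10.46.130.65:6514)'",
]

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"{f['client']} sent alert '{f['alert']}': {f['meaning']}")
```

A finding with sent_by set to "peer" points at the client's trust store (the CA file it uses to validate the server certificate), not at the server's peer-verify() setting.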