Hi,
"Mark Mulligan" <MMulligan@llbean.com> írta 2016-08-24 15:57-kor:
> We are using using syslog-ng 3.2.5 and I and trying to figure out how to configure it to use TLS1.2 rather than the TLS1.1.
>
> It is working for TLS1.1 but not for connections using TLS1.2, this is a snippet from our config file.
How did you concluded that?
What is the underlying openssl lib's version number?
As far as I remember, without any extra config / modification, it use what
the underlying lib uses, and that agrees on the latest protocol what both
sides support.
Later syslog-ng versions just bring in a new extra option, to set ssl
flag, specifically for disabling specific ssl versions. That is the
ssl-options which appeared in the syslog-ng 3.7 (?), and was later
backported to the 3.6 line.
There were also some discussion here about this topic, just some days ago.
Cheers,
Gyu
____________________________________________________________ __________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/? product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq