Well, if you open the payload of the initial packages (e.g. after the SYN-SYNACK-ACK handshake), you should see binary stuff instead of plain text log messages.

-- Bazsi

On Mon, Mar 7, 2016 at 7:07 AM, Girish Kumar <girish.kumar@al-enterprise.com> wrote:

Hi All,
Finally I was able to set up syslog-ng client and server. Communicate over TLS. Thanks for all your help.
In the Wireshark capture I am seeing all protocols as TCP and not as TLS. Please let me know whether my communication has happened over TLS.
If yes, how do I validate that? Can I enable additional logs in syslog-ng?
*My tls part of conf file*
Client
--------
destination d_destination {
    syslog("135.254.163.151" port(6514)
        transport("tls")
        tls( ca_dir("/etc/ca.d")
             key_file("/etc/cert.d/myCliPrivate.key")
             cert_file("/etc/cert.d/myCliCert.pem") )
    );
};
Server
---------
source d_source {
    syslog(ip("135.254.163.151") port(6514)
        transport("tls")
        tls( key_file("/etc/syslog-ng/cert.d/mySerPrivate.key")
             cert_file("/etc/syslog-ng/cert.d/mySerCert.pem")
             ca_dir("/etc/syslog-ng/ca.d"))
    );
};
Regards,
Girish
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
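
The payload check suggested in the reply above, as an added example that is not part of the original thread: it classifies the first TCP payload sent after the handshake as a TLS record or as plain-text syslog, working on the raw bytes regardless of how the capture tool labels the protocol. The function name `classify_payload` is hypothetical and the sample payloads are constructed.

```python
import re
import struct

# TLS record content types (first byte of every TLS record).
TLS_CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                     22: "handshake", 23: "application_data"}
# Plain syslog starts with "<PRI>", optionally preceded by an octet count.
PLAIN_SYSLOG = re.compile(rb"^(\d{1,5} )?<\d{1,3}>")
MAX_RECORD_LEN = 16384 + 2048  # upper bound for an encrypted TLS record


def classify_payload(payload: bytes) -> str:
    """Classify the first TCP payload seen on the syslog port."""
    if PLAIN_SYSLOG.match(payload):
        return "plaintext-syslog"
    if len(payload) >= 5:
        # TLS record header: type (1), version major/minor (2), length (2).
        ctype, major, minor, length = struct.unpack("!BBBH", payload[:5])
        if (ctype in TLS_CONTENT_TYPES and major == 3 and minor <= 4
                and 0 < length <= MAX_RECORD_LEN):
            name = TLS_CONTENT_TYPES[ctype]
            # Handshake message type 1 is the ClientHello.
            if ctype == 22 and len(payload) > 5 and payload[5] == 1:
                name = "handshake/client_hello"
            return "tls:" + name
    return "unknown"


# Constructed samples: the start of a ClientHello record, an encrypted
# application-data record, and two plain-text syslog messages.
CLIENT_HELLO = bytes.fromhex("16030100c8010000c40303") + bytes(32)
APP_DATA = bytes.fromhex("1703030020") + bytes(32)
PLAIN = b"<13>1 2016-03-07T07:07:00Z client app - - - test message\n"
FRAMED = b"57 " + PLAIN

if __name__ == "__main__":
    for label, data in [("client hello", CLIENT_HELLO), ("app data", APP_DATA),
                        ("plain", PLAIN), ("octet-counted", FRAMED)]:
        print(f"{label:14s} -> {classify_payload(data)}")
```

To use it on a real capture, copy the bytes of the first client-to-server payload on port 6514 (for example from the packet bytes pane) and pass them to `classify_payload`.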