Hi, Thanks for pointing out this problem, I've added a more detailed example for ssl-options to the upcoming 3.8 guide. Regards, Robert On Tue, Aug 16, 2016 at 11:53 PM, <thejaguar@tutanota.de> wrote:
its part of tls options so
tls( key-file("/usr/local/etc/hostcert.key") cert-file("/usr/local/etc/hostcert.pem") peer_verify(optional-untrusted) ssl-options(no-sslv3,no-tlsv1) ) ); The Jaguar
16. Aug 2016 12:13 by Joseph.Lupo@T-Mobile.com:
The syslog-ng documentation is very unclear. Where would we put the ssl-options(no-sslv2, no-sslv3, no-tlsv1) entry for disabling sslv2, sslv3 and tlsv1?
The following works for enabling TLS on our host, but I can’t figure out where to insert the ssl-options.
source s_net { network(ip('<our IP>') port(<our port>) transport("tls") tls( key-file("/usr/local/etc/hostcert.key") cert-file("/usr/local/etc/hostcert.pem") peer_verify(optional-untrusted)) ); };
Joe Lupo T-Mobile USA Principal Engineer, System Design & Strategy (973) 440-8768
____________________________________________________________ __________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/? product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
____________________________________________________________ __________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/? product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq