Dear all, I've this source settings for TLS: source s_tcp_tls { network( transport("tls") ip(10.46.130.65) port(6514) tls( peer-verify("optional-untrusted") key-file("/etc/syslog-ng/key.d/syslog-ng.key") cert-file("/etc/syslog-ng/cert.d/syslog-ng.cert") ) ); }; But when a client connects via TCP/TLS to the syslog-ng service.. In syslog-ng these messages are showing up: syslog-ng starting up; version='3.5.6' Syslog connection accepted; fd='12', client='AF_INET(10.46.160.78:48075)', local='AF_INET(10.46.130.65:6514)' SSL error while reading stream; tls_error='SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca' I/O error occurred while reading; fd='12', error='Connection reset by peer (104)' Syslog connection closed; fd='12', client='AF_INET(10.46.160.78:48075)', local='AF_INET(10.46.130.65:6514)' Closing log transport fd; fd='12' I don't know why syslog-ng is proving the CA? As far as I know the configuration is a non-mutual authentication - so the CA shouldn't play a role in this - is this correct? The client sends messages in RFC5424 format. Any help is appriciated - I've no clue what's going wrong. Best regards Klaus ____________________________________________