On 2015-03-05 18:27, Michael Starks wrote:
I am trying to get mutual authentication working between a syslog-ng server and an Rsyslog client, using startssl.com issued certificates. The client does properly authenticate the server, but syslog-ng does not recognize the client as trusted.
Well, after messing with the CA certificates and finally getting the right combo, I got a message that the cert wasn't valid for that particular purpose (client authentication). Further digging led me to the discovery that startssl.com does not offer client auth certs for their free class 1 certificates--a paid upgrade would be required. This project is not worth spending any money on so I'll just create my own CA and do it the old-fashioned way. Thanks for the help.