Hi, "Mark Mulligan" <MMulligan@llbean.com> írta 2016-08-24 15:57-kor:
We are using using syslog-ng 3.2.5 and I and trying to figure out how to configure it to use TLS1.2 rather than the TLS1.1.
It is working for TLS1.1 but not for connections using TLS1.2, this is a snippet from our config file.
How did you concluded that? What is the underlying openssl lib's version number? As far as I remember, without any extra config / modification, it use what the underlying lib uses, and that agrees on the latest protocol what both sides support. Later syslog-ng versions just bring in a new extra option, to set ssl flag, specifically for disabling specific ssl versions. That is the ssl-options which appeared in the syslog-ng 3.7 (?), and was later backported to the 3.6 line. There were also some discussion here about this topic, just some days ago. Cheers, Gyu