[syslog-ng]syslog-ng & stunnel, the saga continues
syslog-ng@lists.balabit.hu
syslog-ng@lists.balabit.hu
Sat, 14 Aug 2004 10:12:10 +0100
I'm trying to use stunnel to wrap syslog-ng in SSL. The only
problem is that all the documentation for stunnel presumes
you're using Red Hat. I'm using OpenBSD. This means I have
to generate the certificates myself, and I'm confused here.
For a decent level of security, as I understand it, the server
needs a certificate, signed by a CA (in this case, as it's
for internal networking, the CA is me).
What does the client need?
I basically created a CA, created a public key and signed it
to create the server certificate, what do I need to do for the
clients? (I would prefer it if they all had the same certificate,
to preserve my sanity).
If I hear the phrase "on red hat, go to /usr/share/ssl/certs" one
more time, somebody is going to find themselves eating several
poorly generated certificates. :)
cheers
mark