[syslog-ng] Syslog-ng error while using TSL
Balazs Scheidler
bazsi at balabit.hu
Sun May 22 13:14:48 CEST 2011
On Wed, 2011-05-04 at 18:11 +0530, Pramod Pillai wrote:
> Hi
>
> I have not yet resolved the issue -:(
> Few questions
> This is the error from the client side
> error='self signed certificate in certificate chain', depth='2'
>
> Our certificates are not self signed . But why is it showing as self
> signed in the log.
everything is self-signed at the end. an official CA is a self-signed
certificate, they just happen to be trusted for one reason or another.
this probably means that the CA certificate is not trusted by syslog-ng,
probably because syslog-ng has to be told which CA you trust.
There's a chapter in the documentation on how to set that up, here:
http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-v3.2-guide-admin-en.html/chapter-encrypted-transport-tls.html
> Is syslog-ng internally configured as self-signed certificate. If
> Yes where is it stored. Or how to modify it.
>
> Is it possible to configure the depth ?
IIRC no, there's currently no way to configure that, syslog-ng will just
accept any certificate depth.
--
Bazsi
More information about the syslog-ng
mailing list