[syslog-ng] CentOS7 syslog-ng 3.5.6: TLS: SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca

Schulte, Klaus (Nokia - DE/Ulm) klaus.schulte at nokia.com
Wed Jun 24 11:43:59 CEST 2015

Dear all,

I've this source settings for TLS:

source s_tcp_tls {
   network(  transport("tls")
             ip( port(6514)

But when a client connects via TCP/TLS to the syslog-ng service..

In syslog-ng these messages are showing up:

syslog-ng starting up; version='3.5.6'
Syslog connection accepted; fd='12', client='AF_INET(', local='AF_INET('
SSL error while reading stream; tls_error='SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca'
I/O error occurred while reading; fd='12', error='Connection reset by peer (104)'
Syslog connection closed; fd='12', client='AF_INET(', local='AF_INET('
Closing log transport fd; fd='12'

I don't know why syslog-ng is proving the CA?
As far as I know the configuration is a non-mutual authentication - so the CA shouldn't play a role in this - is this correct?

The client sends messages in RFC5424 format.

Any help is appriciated - I've no clue what's going wrong.

Best regards

More information about the syslog-ng mailing list