[syslog-ng] Mutual Authentication and Encryption With Rsyslog

Michael Starks syslog-ng-list at michaelstarks.com
Sun Mar 8 02:53:16 CET 2015


On 03/05/2015 11:50 PM, Laci Mészáros wrote:
> Hello,
> 
> Have you tried starting syslog-ng in forward-mode and verbose (-Fdve)? In
> that case after the first message you can check the SSL error message
> during the authentication. It could show you the problem with the
> certificates.
> 
> Br,
> Laci

Thanks for the reply. I tried forward mode and I got these relevant
messages:

Syslog connection accepted; fd='10', client='AF_INET(1.2.3.4:37464)',
local='AF_INET(0.0.0.0:6514)'
Certificate validation failed;
subject='emailAddress=address at example.com, CN=sub.example.com, C=US',
issuer='CN=StartCom Class 1 Primary Intermediate Server CA, OU=Secure
Digital Certificate Signing, O=StartCom Ltd., C=IL', error='unable to
get local issuer certificate', depth='0'
SSL error while reading stream; tls_error='SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned'
I/O error occurred while reading; fd='10', error='Connection reset by
peer (104)'
Syslog connection closed; fd='10',
client='AF_INET(52.10.218.147:37464)', local='AF_INET(0.0.0.0:6514)'

I am using ca-bundle.pem from startssl.com and the signed certificate
validates on both the client and server using openssl verify.
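
Added example, not part of the original message or of syslog-ng: the OpenSSL error 'unable to get local issuer certificate' at depth 0, as in the log above, means the verifier could not find the leaf's issuer certificate among its trusted CAs. The script reproduces it with openssl verify on a constructed Root CA -> Intermediate CA -> leaf chain; all subject names and file names are placeholders.

```bash
#!/usr/bin/env bash
# Added example: constructed PKI (Root CA -> Intermediate CA -> leaf). All
# subject names and file names are placeholders, not values from the thread.

build_chain() {  # $1 = empty work directory
  local d=$1 name
  printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign,cRLSign\n' > "$d/ca.ext"
  for name in root int leaf; do   # one RSA key and CSR per certificate
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=example-$name" \
      -keyout "$d/$name.key" -out "$d/$name.csr" 2>/dev/null
  done
  # Self-signed root, intermediate signed by the root, leaf signed by the intermediate.
  openssl x509 -req -in "$d/root.csr" -signkey "$d/root.key" -days 2 \
    -extfile "$d/ca.ext" -out "$d/root.pem" 2>/dev/null
  openssl x509 -req -in "$d/int.csr" -CA "$d/root.pem" -CAkey "$d/root.key" \
    -CAcreateserial -days 2 -extfile "$d/ca.ext" -out "$d/int.pem" 2>/dev/null
  openssl x509 -req -in "$d/leaf.csr" -CA "$d/int.pem" -CAkey "$d/int.key" \
    -CAcreateserial -days 2 -out "$d/leaf.pem" 2>/dev/null
}

verify_leaf() {  # $1 = CA file given to the verifier, $2 = leaf certificate
  # -no-CApath keeps the system trust directory out of the result.
  openssl verify -no-CApath -CAfile "$1" "$2" 2>&1
}

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT          # remove the throwaway keys on exit
build_chain "$WORK"
cat "$WORK/root.pem" "$WORK/int.pem" > "$WORK/bundle.pem"

echo "--- CA file holds the root only ---"
# Fails at depth 0: unable to get local issuer certificate
verify_leaf "$WORK/root.pem" "$WORK/leaf.pem" || true
echo "--- CA file holds root + intermediate ---"
# Succeeds: the leaf's issuer is now available to the verifier
verify_leaf "$WORK/bundle.pem" "$WORK/leaf.pem"
```
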

