[syslog-ng] Disabling SSLv3 with Syslog-NG
Fekete, Róbert
robert.fekete at balabit.com
Wed Aug 17 08:49:44 CEST 2016
Hi,
Thanks for pointing out this problem, I've added a more detailed example
for ssl-options to the upcoming 3.8 guide.
Regards,
Robert
On Tue, Aug 16, 2016 at 11:53 PM, <thejaguar at tutanota.de> wrote:
> its part of tls options so
>
> tls( key-file("/usr/local/etc/hostcert.key")
> cert-file("/usr/local/etc/hostcert.pem")
> peer_verify(optional-untrusted)
> ssl-options(no-sslv3,no-tlsv1)
> )
> );
> The Jaguar
>
> 16. Aug 2016 12:13 by Joseph.Lupo at T-Mobile.com:
>
>
> The syslog-ng documentation is very unclear. Where would we put the
> ssl-options(no-sslv2, no-sslv3, no-tlsv1) entry for disabling sslv2, sslv3
> and tlsv1?
>
> The following works for enabling TLS on our host, but I can’t figure out
> where to insert the ssl-options.
>
> source s_net {
> network(ip('<our IP>') port(<our port>)
> transport("tls")
> tls( key-file("/usr/local/etc/hostcert.key")
> cert-file("/usr/local/etc/hostcert.pem")
> peer_verify(optional-untrusted))
> );
> };
>
> Joe Lupo
> T-Mobile USA
> Principal Engineer, System Design & Strategy
> (973) 440-8768
>
>
> ____________________________________________________________
> __________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?
> product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
> ____________________________________________________________
> __________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?
> product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20160817/c02a8b32/attachment.htm
More information about the syslog-ng
mailing list