[syslog-ng] Mutual certification

Czanik, Péter peter.czanik at balabit.com
Wed Feb 3 15:33:37 CET 2016


Hi,
There are multiple problems:
- you use an ancient syslog-ng version, which does not yet have the
combined network() driver
- it has crypto support disabled: Enable-SSL: off
I assume you use RHEL6 and syslog-ng from EPEL. In that case I'd recommend
giving my packages a try from
https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng37epel6/ which
includes the latest stable release and by breaking the packaging guidelines
it also enables openssl support (syslog-ng is in /sbin, openssl is under
/usr/lib, which breaks the application if /usr is on a separate partition).
Bye,

Peter Czanik (CzP) <peter.czanik at balabit.com>
Balabit / syslog-ng upstream
http://czanik.blogs.balabit.com/
https://twitter.com/PCzanik

On Wed, Feb 3, 2016 at 2:43 PM, Ivan Adji - Krstev <akivanradix at gmail.com>
wrote:

> Hi all,
> I have followed the link
> <https://www.balabit.com/sites/default/files/documents/syslog-ng-ose-latest-guides/en/syslog-ng-tutorial-mutual-auth-tls/html/create-ca.html>
> for providing mutual authentication. I have created a CA on a server and
> certificates for the server and client. On the server side I have put:
> ===========================================
> source s_sys {
>         system();
>         #unix-stream("/dev/log");
>         internal();
>         network(
>         port(6514)
> #       tcp(port(5140));
> #       file("/proc/kmsg" log_prefix("kernel: "));
>         transport("tls")
>         tls( key_file("/etc/syslog-ng/cert.d/serverkey.pem")
>              cert_file("/etc/syslog-ng/cert.d/servercert.pem")
>              ca_dir("/etc/syslog-ng/ca.d"))
> );
> };
> I have defined d_mysql etc.
>
> log { source(s_sys); destination(d_mysql); };
> =============================================================
> On the client side I have:
> destination tls_destination {
>     network("x.x.x.x" port(6514));
>     transport("tls")
>     tls( ca_dir("/etc/syslog-ng/ca.d")
>          key_file("/etc/syslog-ng/cert.d/clientkey.pem")
>          cert_file("/etc/syslog-ng/cert.d/clientcert.pem") )
>      };
> log { source(s_sys); destination(tls_destination); };
> ==================================================================
> And when I restart syslog-ng on the client side I have the following
> error:
>
> /etc/init.d/syslog-ng restart
> Stopping syslog-ng:                                        [FAILED]
> Error parsing destination, destination plugin network not found in
> /etc/syslog-ng/syslog-ng.conf at line 45, column 5:
>
>     network("x.x.x.x" port(6514));
>     ^^^^^^^
>
> syslog-ng documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> mailing list: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>
> syslog-ng --version
> syslog-ng 3.2.5
> Installer-Version: 3.2.5
> Revision:
> ssh+git://bazsi@git.balabit//var/scm/git/syslog-ng/syslog-ng-ose--mainline--3.2#master#9d4bea28198bd731df1a61e980a2af5b88d81116
> Compile-Date: Jul 25 2014 15:20:50
> Enable-Threads: on
> Enable-Debug: off
> Enable-GProf: off
> Enable-Memtrace: off
> Enable-Sun-STREAMS: off
> Enable-IPv6: on
> Enable-Spoof-Source: on
> Enable-TCP-Wrapper: on
> Enable-SSL: off
> Enable-SQL: on
> Enable-Linux-Caps: off
> Enable-Pcre: on
> Enable-Pacct: off
>
> So can someone tell me what I'm doing wrong?
>
> Kind regards
> Ivan
>
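
For reference, an added example (not part of either message above): the quoted server source and client destination with transport() and tls() placed inside the network() driver, since the posted client block closes network() with ");" before those options. It assumes a syslog-ng build that has the network() driver and SSL support enabled, as the reply recommends; peer_verify(required-trusted) is added here only to make the default certificate requirement explicit.

```conf
# Added example; paths, port and the "x.x.x.x" placeholder are taken from
# the quoted message. Requires a syslog-ng build with network() and SSL.

# --- server ---
source s_sys {
    system();
    internal();
    network(
        port(6514)
        transport("tls")
        tls(
            key_file("/etc/syslog-ng/cert.d/serverkey.pem")
            cert_file("/etc/syslog-ng/cert.d/servercert.pem")
            ca_dir("/etc/syslog-ng/ca.d")
            # Default value, written out: the client must present a
            # certificate that chains to a CA in ca_dir().
            peer_verify(required-trusted)
        )
    );
};

# --- client ---
destination tls_destination {
    # transport() and tls() are options of network(), so they go before
    # its closing parenthesis, not after a ");" that ends the driver.
    network("x.x.x.x" port(6514)
        transport("tls")
        tls(
            ca_dir("/etc/syslog-ng/ca.d")
            key_file("/etc/syslog-ng/cert.d/clientkey.pem")
            cert_file("/etc/syslog-ng/cert.d/clientcert.pem")
            # Default value, written out: the server certificate must
            # chain to a CA in ca_dir().
            peer_verify(required-trusted)
        )
    );
};
```

Running `syslog-ng --syntax-only` on each host checks that the file parses before the service is restarted.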