[syslog-ng] Mutual certification

Ivan Adji - Krstev akivanradix at gmail.com
Thu Feb 4 09:27:30 CET 2016


Hi,
is it there a way to put that plug in end enabl ssl ? Or i must download
the latest syslog-ng and build from 0 ?

Thanks
Ivan

On 02/03/2016 03:33 PM, Czanik, Péter wrote:
> Hi,
> There are multiple problems:
> - you use an ancient syslog-ng version, which does not yet have the
> combined network() driver
> - it has crypto support disabled: Enable-SSL: off
> I assume, you use RHEL6 and syslog-ng from EPEL. In that case I'd
> recommend giving my packages a try from
> https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng37epel6/ which
> includes the latest stable release and by breaking the packaging
> guidelines it also enables openssl support (syslog-ng is in /sbin,
> openssl is under /usr/lib, which breaks the application if /usr is on
> a separate partition).
> Bye,
>
> Peter Czanik (CzP) <peter.czanik at balabit.com
> <mailto:peter.czanik at balabit.com>>
> Balabit / syslog-ng upstream
> http://czanik.blogs.balabit.com/
> https://twitter.com/PCzanik
>
> On Wed, Feb 3, 2016 at 2:43 PM, Ivan Adji - Krstev
> <akivanradix at gmail.com <mailto:akivanradix at gmail.com>> wrote:
>
>     Hi all,
>     I have follow the link
>     <https://www.balabit.com/sites/default/files/documents/syslog-ng-ose-latest-guides/en/syslog-ng-tutorial-mutual-auth-tls/html/create-ca.html>
>     for providing mutual authentication. I have create CA on a server
>     and certificates for the server and client. On the server site
>     have put:
>     ===========================================
>     source s_sys {
>             system();
>             #unix-stream("/dev/log");
>             internal();
>             network(
>             port(6514)
>     #       tcp(port(5140));
>     #       file("/proc/kmsg" log_prefix("kernel: "));
>             transport("tls")
>             tls( key_file("/etc/syslog-ng/cert.d/serverkey.pem")
>                  cert_file("/etc/syslog-ng/cert.d/servercert.pem")
>                  ca_dir("/etc/syslog-ng/ca.d"))
>     );
>     };
>     i have define d_mysql etc.
>
>     log { source(s_sys); destination(d_mysql); };
>     =============================================================
>     on the client site i have:
>     destination tls_destination {
>         network("x.x.x.x" port(6514));
>         transport("tls")
>         tls( ca_dir("/etc/syslog-ng/ca.d")
>              key_file("/etc/syslog-ng/cert.d/clientkey.pem")
>              cert_file("/etc/syslog-ng/cert.d/clientcert.pem") )
>          };
>     log { source(s_sys); destination(tls_destination); };
>     ==================================================================
>     And when i restart the syslog-ng on a client site i have the
>     following error:
>
>     /etc/init.d/syslog-ng restart
>     Stopping syslog-ng:                                        [FAILED]
>     Error parsing destination, destination plugin network not found in
>     /etc/syslog-ng/syslog-ng.conf at line 45, column 5:
>
>         network("x.x.x.x" port(6514));
>         ^^^^^^^
>
>     syslog-ng documentation:
>     http://www.balabit.com/support/documentation/?product=syslog-ng
>     mailing list: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>
>     syslog-ng --version
>     syslog-ng 3.2.5
>     Installer-Version: 3.2.5
>     Revision:
>     ssh+git://bazsi@git.balabit//var/scm/git/syslog-ng/syslog-ng-ose--mainline--3.2#master#9d4bea28198bd731df1a61e980a2af5b88d81116
>     <mailto:ssh+git://bazsi@git.balabit//var/scm/git/syslog-ng/syslog-ng-ose--mainline--3.2#master%239d4bea28198bd731df1a61e980a2af5b88d81116>
>     Compile-Date: Jul 25 2014 15:20:50
>     Enable-Threads: on
>     Enable-Debug: off
>     Enable-GProf: off
>     Enable-Memtrace: off
>     Enable-Sun-STREAMS: off
>     Enable-IPv6: on
>     Enable-Spoof-Source: on
>     Enable-TCP-Wrapper: on
>     Enable-SSL: off
>     Enable-SQL: on
>     Enable-Linux-Caps: off
>     Enable-Pcre: on
>     Enable-Pacct: off
>
>     So can someone tell me what i'm doing wrong ?
>
>     Kind regards
>     Ivan
>
>     ______________________________________________________________________________
>     Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>     Documentation:
>     http://www.balabit.com/support/documentation/?product=syslog-ng
>     FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
>
>
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20160204/1509f462/attachment.htm 


More information about the syslog-ng mailing list