[syslog-ng] how to enable TLS on syslog-ng 3.2.5

Czanik, Péter peter.czanik at balabit.com
Wed Jan 6 12:40:38 CET 2016


There is also a workaround, I just found on twitter:
https://snippet.wiki/wiki/Syslog-ng_stunnel
Bye,

Peter Czanik (CzP) <peter.czanik at balabit.com>
Balabit / syslog-ng upstream
http://czanik.blogs.balabit.com/
https://twitter.com/PCzanik

On Wed, Jan 6, 2016 at 12:37 PM, Czanik, Péter <peter.czanik at balabit.com>
wrote:

> Hi,
>
> 3.2 is the version available in EPEL for RHEL6. It does not have SSL/TLS
> support enabled due to packaging restrictions (components in / vs. /usr).
>
> The latest packaged syslog-ng for RHEL6 is available in my repo on Copr:
> https://copr.fedoraproject.org/coprs/czanik/syslog-ng37epel6/ Note, that
> this package does not care about the / vs. /usr boundaries, which is a
> problem if you have /usr on a separate partition (syslog-ng is in /sbin,
> crypto libraries under /usr/lib).
>
> Once you installed this package (or compiles syslog-ng yourself), read the
> docs at
> https://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.7-guides/en/syslog-ng-ose-v3.7-guide-admin/html-single/index.html#chapter-encrypted-transport-tls
>
> Bye,
>
> Peter Czanik (CzP) <peter.czanik at balabit.com>
> Balabit / syslog-ng upstream
> http://czanik.blogs.balabit.com/
> https://twitter.com/PCzanik
>
> On Wed, Jan 6, 2016 at 9:17 AM, Scheidler, Balázs <
> balazs.scheidler at balabit.com> wrote:
>
>> Hi,
>>
>> Well, SSL is the "older" non-standard name of TLS and is used to refer to
>> older protocol versions. We use those terms (SSL and TLS) interchangibly.
>> OpenSSL is an implementation of both SSL and TLS.
>>
>> syslog-ng 3.2 by itself definitely supports SSL/TLS the question is
>> whether it was compiled into your binary, as it is a compile-time option.
>> Where is your binary coming from? Some kind of Linux distribution?
>>
>> You can always compile it with SSL enabled, but it's not always a trivial
>> challenge (depending on the Linux platform you are compiling on and your
>> experience with compiling stuff from source). But if you go to the
>> recompilation route, I would also upgrade to a newer version, 3.2.x is
>> ancient by any means. It's about 5 releases behind the current
>> latest-and-greatest (3.7.x is the latest stable series, 3.8.x is in the
>> making).
>>
>> If you need help with deployment/compilation, just ask on this mailing
>> list, or the Balabit may be able to help, just let me know if you want me
>> to make contacts.
>>
>> Bazsi
>>
>> --
>> Bazsi
>>
>> On Wed, Jan 6, 2016 at 4:46 AM, Jim Zapsalis <Jim.Zapsalis at bupa.com.au>
>> wrote:
>>
>>> Hi guys,
>>>
>>>
>>>
>>> How do we enable TLS on OSE version of syslog-ng version 3.2.5?
>>>
>>> Or is it simpler to enable SSL ?
>>>
>>>
>>>
>>> Regards,
>>>
>>>
>>>
>>> *Jim Zapsalis *Senior Platform Engineer, IS
>>>
>>> Bupa, 33 Exhibition Street, Melbourne, 3000
>>>
>>> *T* +61 3 9937 4028 *M* 0411 779 710 *E*  jim.zapsalis at bupa.com.au *W*
>>> bupa.com.au/healthandcaring
>>> <http://www.bupa.com.au/healthandcaring/index.html>
>>>
>>> [image: Social Media Icons-01.png]
>>> <https://www.facebook.com/BupaAustralia>[image: Social Media
>>> Icons-02.png] <https://mobile.twitter.com/bupaaustralia>[image: Social
>>> Media Icons-04.png] <https://ea.linkedin.com/company/bupa-australia>[image:
>>> Social Media Icons-03.png] <https://www.youtube.com/user/BupaAustralia>
>>>
>>>
>>>
>>> Bupa Australia email disclaimer:
>>> The information contained in this email and any attachments is confidential and
>>> may be subject to copyright or other intellectual property protection. If you
>>> are not the intended recipient, you are not authorized to use or disclose this
>>> information, and we request that you notify us by reply mail or telephone and
>>> delete the original message from your mail system.
>>>
>>>
>>>
>>> ______________________________________________________________________________
>>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>>> Documentation:
>>> http://www.balabit.com/support/documentation/?product=syslog-ng
>>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>>>
>>>
>>>
>>
>>
>> ______________________________________________________________________________
>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>> Documentation:
>> http://www.balabit.com/support/documentation/?product=syslog-ng
>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20160106/02282d51/attachment-0001.htm 


More information about the syslog-ng mailing list