[syslog-ng] Extract SNI on incoming connections

Raghunath Adhyapak funduraghu at gmail.com
Mon May 18 03:52:18 UTC 2020


Hi,

I would like to run a syslog-ng server that accepts TLS connections.
I want to identify clients based on the server name they use to connect and
do specific processing for each client.
I see the following macros being available to be used in filter, but I
don't see .TLS.SN (or something like that to indicate server name used by
client to connect)

.TLS.X509

*Description:* When using a transport that uses TLS, these macros contain
information about the peer's certificate. That way, you can use information
from the client certificate in filenames, database values, or as other
metadata. If your clients have their own certificates, then these values are
unique per client, but unchangeable by the client. The following macros are
available in syslog-ng OSE version 3.9 and later.

   - .TLS.X509_CN: The Common Name of the certificate.
   - .TLS.X509_O: The value of the Organization field.
   - .TLS.X509_OU: The value of the Organization Unit field.

Thanks
Raghu
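
The certificate macros quoted in the message above can drive per-client processing, as in this syslog-ng configuration sketch (an added example, not part of the original post or the syslog-ng documentation). It keys on the verified peer certificate rather than on the server name; the file paths, port, and the client name client-a.example.com are assumptions.

```conf
@version: 3.9

# TLS listener that requires a client certificate signed by a trusted CA,
# so the .TLS.X509_* macros are populated from a verified certificate.
source s_tls {
    network(
        ip("0.0.0.0") port(6514)                        # assumed listen address/port
        transport("tls")
        tls(
            key-file("/etc/syslog-ng/tls/server.key")   # assumed path
            cert-file("/etc/syslog-ng/tls/server.crt")  # assumed path
            ca-dir("/etc/syslog-ng/tls/ca.d")           # assumed path
            peer-verify(required-trusted)
        )
    );
};

# Match one client by the Common Name of its certificate.
# "client-a.example.com" is a constructed sample value.
filter f_client_a {
    "${.TLS.X509_CN}" eq "client-a.example.com"
};

destination d_client_a  { file("/var/log/remote/client-a.log"); };
destination d_unmatched { file("/var/log/remote/unmatched.log"); };

# Client-specific path: flags(final) stops further processing of
# messages that matched this client.
log {
    source(s_tls);
    filter(f_client_a);
    destination(d_client_a);
    flags(final);
};

# Everything else arriving over the TLS source.
log {
    source(s_tls);
    destination(d_unmatched);
};
```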