Forwarding syslog-ng logs over TLS

This is the scenario: I have a server that's listening on port 6514 on TCP for logs. I created the .key .crt files on the server as described here: https://www.logzilla.net/2014/10/17/configuring-tls-tunnels-in-syslog-ng.html:



 [root@server1 ~]$ openssl genrsa -des3 -out logserver.key 2048
Generating RSA private key, 2048 bit long modulus
.................................................+++
.+++
e is 65537 (0x10001)
Enter pass phrase for logserver.key:
Verifying - Enter pass phrase for logserver.key:
[root@server1 ~]$ openssl req -new -key logserver.key -out logserver.csr
Enter pass phrase for logserver.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a
DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:
State or Province Name (full name) :
Locality Name (eg, city) [Default City]:
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) :
Common Name (eg, your name or your server's hostname) :
Email Address :

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password :
An optional company name :
[root@server1 ~]$ cp logserver.key logserver.key.org
[root@server1 ~]$ openssl rsa -in logserver.key.org -out logserver.key
Enter pass phrase for logserver.key.org:
writing RSA key
[root@server1 ~]$ openssl x509 -req -days 365 -in logserver.csr -signkey logserver.key -out logserver.crt
Signature ok
subject=/C=XX/L=Default City/O=Default Company Ltd
Getting Private key


and placed the settings in a created file named tls.conf in the /etc/syslog-ng/conf.d



I followed the next instructions.
Connect to the Client and mkdir -p /etc/syslog-ng/ssl. Download/Upload the /etc/syslog-ng/ssl/logserver.crt (which was created earlier on the Server) to the Client system and put the file in /etc/syslog-ng/ssl on the Client.



Find the hash for your key by running openssl x509 -noout -hash -in /etc/syslog-ng/ssl/logserver.crt



Next, create a symbolic link to the certificate that uses the hash returned by the previous command, with an added .0 suffix.



ln -s /etc/syslog-ng/ssl/logserver.crt /etc/syslog-ng/ssl/84d92a45.0



As soon as I add the client-to-server.conf under /etc/syslog-ng/conf.d/client-to-server.conf that has the following



@version:3.14
@define allow-config-dups 1
@include "scl.conf"
destination d_tls {
tcp("192.168.1.7" port(6514)
tls( ca_dir("/etc/syslog-ng/ssl/")) );
};

log {
source(s_sys);
destination(d_tls);
};


the syslog-ng service won't start on the client.



 systemctl restart syslog-ng.service
Job for syslog-ng.service failed because the control process exited with
error code. See "systemctl status syslog-ng.service" and "journalctl -xe"
for details.



[root@localhost conf.d]# systemctl status syslog-ng.service -l
● syslog-ng.service - System Logger Daemon
Loaded: loaded (/usr/lib/systemd/system/syslog-ng.service; enabled; vendor preset: enabled)
Active: failed (Result: start-limit) since Thu 2018-06-07 22:50:30 EEST; 7min ago
Docs: man:syslog-ng(8)
Process: 18196 ExecStart=/usr/sbin/syslog-ng -F $SYSLOGNG_OPTS -p /var/run/syslogd.pid (code=exited, status=2)
Main PID: 18196 (code=exited, status=2)
Status: "Starting up... (Thu Jun 7 22:50:30 2018"

Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service holdoff time over, scheduling restart.
Jun 07 22:50:30 localhost.localdomain systemd[1]: start request repeated too quickly for syslog-ng.service
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.

[root@localhost conf.d]# journalctl -xe
-- Subject: Unit syslog-ng.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has begun starting up.
Jun 07 22:50:30 localhost.localdomain syslog-ng[18190]: [2018-06-07T22:50:30.022361] Error setting up TLS session context; tls_error='(null):(null):(null)'
Jun 07 22:50:30 localhost.localdomain syslog-ng[18190]: [2018-06-07T22:50:30.022410] Error initializing message pipeline; plugin name='tcp', location='/etc/syslog-ng/conf.d/client-to-server.conf:5:7'
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
-- Subject: Unit syslog-ng.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has failed.
--
-- The result is failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service holdoff time over, scheduling restart.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Starting System Logger Daemon...
-- Subject: Unit syslog-ng.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has begun starting up.
Jun 07 22:50:30 localhost.localdomain syslog-ng[18193]: [2018-06-07T22:50:30.281966] Error setting up TLS session context; tls_error='(null):(null):(null)'
Jun 07 22:50:30 localhost.localdomain syslog-ng[18193]: [2018-06-07T22:50:30.282017] Error initializing message pipeline; plugin name='tcp', location='/etc/syslog-ng/conf.d/client-to-server.conf:5:7'
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
-- Subject: Unit syslog-ng.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has failed.
--
-- The result is failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service holdoff time over, scheduling restart.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Starting System Logger Daemon...
-- Subject: Unit syslog-ng.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has begun starting up.
Jun 07 22:50:30 localhost.localdomain syslog-ng[18196]: [2018-06-07T22:50:30.522580] Error setting up TLS session context; tls_error='(null):(null):(null)'
Jun 07 22:50:30 localhost.localdomain syslog-ng[18196]: [2018-06-07T22:50:30.522870] Error initializing message pipeline; plugin name='tcp', location='/etc/syslog-ng/conf.d/client-to-server.conf:5:7'
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
-- Subject: Unit syslog-ng.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has failed.
--
-- The result is failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service holdoff time over, scheduling restart.
Jun 07 22:50:30 localhost.localdomain systemd[1]: start request repeated too quickly for syslog-ng.service
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
-- Subject: Unit syslog-ng.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has failed.
--
-- The result is failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.


What am I doing wrong?







  • Use "-s" with "-f" options for syslog-ng to check if your configuration is correct: syslog-ng -s -f /path/to/syslog-ng-master-config-file
    – mariaczi
    Jun 7 at 9:01










  • Thank you for this suggestion. May I add that I've just updated the syslog-ng version which is version:3.14. The commands return nothing: ` [root@localhost ~]# syslog-ng -s -f /etc/syslog-ng/conf.d/sendlog.conf [root@localhost ~]# syslog-ng -s -f /etc/syslog-ng/syslog-ng.conf [root@localhost ~]# syslog-ng -s -f /etc/syslog-ng/syslog-ng.conf [root@localhost ~]# syslog-ng -s -f /etc/syslog-ng/conf.d/sendlog.conf`
    – Aiurea Adica tot YO
    Jun 7 at 10:38











  • What did you get in the logs? Are you sure that you don't have another instance of syslog-ng running: ps -ef | grep syslog?
    – mariaczi
    Jun 7 at 10:44










  • [root@localhost ~]# ps -ef | grep syslog root 2952 2628 0 13:52 pts/0 00:00:00 grep --color=auto syslog
    – Aiurea Adica tot YO
    Jun 7 at 10:53










  • Jun 07 14:01:51 localhost.localdomain syslog-ng[3118]: /usr/sbin/syslog-ng: relocation error: /usr/lib64/libsyslog-ng-3.14.so.0: symbol SSL_CTX_get0_param, version libs Jun 07 14:01:51 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=127/n/a
    – Aiurea Adica tot YO
    Jun 7 at 11:02
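
The hash-symlink step in the question is easy to get wrong (a link named after a different certificate's hash, a dangling link, or a PEM file OpenSSL cannot parse). The script below is an added example, not part of the original post or of syslog-ng, that audits a directory laid out the way ca_dir() expects. The function names and the demo subject logserver.example are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): audit an OpenSSL-style CA
# directory such as the one passed to syslog-ng's ca_dir() option.
set -u

# SHA-256 fingerprint of a PEM certificate; empty output if it cannot be parsed.
cert_fp() {
    openssl x509 -noout -fingerprint -sha256 -in "$1" 2>/dev/null
}

# Create <subject-hash>.0 next to the certificate, i.e. the manual
# "openssl x509 -noout -hash" + "ln -s" step from the post.
# Note: -f replaces an existing <hash>.0 link.
link_cert() {
    local cert="$1" dir hash
    dir=$(dirname "$cert")
    hash=$(openssl x509 -noout -hash -in "$cert") || return 1
    ln -sf "$(basename "$cert")" "$dir/$hash.0"
}

# For every *.crt / *.pem in DIR, require a <subject-hash>.N entry in DIR
# that resolves to the very same certificate (compared by fingerprint).
# Returns 0 if all are linked, 1 if any is unreadable or unlinked,
# 2 if DIR is missing or holds no certificates.
check_ca_dir() {
    local dir="$1" rc=0 seen=0 cert hash link match
    [ -d "$dir" ] || { echo "not a directory: $dir"; return 2; }
    for cert in "$dir"/*.crt "$dir"/*.pem; do
        [ -f "$cert" ] || continue
        seen=$((seen + 1))
        hash=$(openssl x509 -noout -hash -in "$cert" 2>/dev/null) || {
            echo "UNREADABLE $cert"; rc=1; continue
        }
        match=""
        for link in "$dir/$hash".[0-9]*; do
            [ -e "$link" ] || continue          # skips dangling symlinks
            if [ "$(cert_fp "$link")" = "$(cert_fp "$cert")" ]; then
                match=$link; break
            fi
        done
        if [ -n "$match" ]; then
            echo "OK $cert <- $match"
        else
            echo "MISSING $dir/$hash.N for $cert"; rc=1
        fi
    done
    [ "$seen" -gt 0 ] || { echo "no certificates in $dir"; return 2; }
    return "$rc"
}

# Constructed sample input: a throwaway self-signed certificate in a temp
# directory (subject name is made up). Prints the directory path.
make_demo_dir() {
    local dir
    dir=$(mktemp -d) || return 1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=logserver.example" \
        -keyout "$dir/logserver.key" -out "$dir/logserver.crt" \
        >/dev/null 2>&1 || return 1
    echo "$dir"
}

# Usage: script.sh /etc/syslog-ng/ssl
if [ $# -gt 0 ]; then
    check_ca_dir "$1"
fi
```

A clean result here only confirms the directory layout; it does not rule out other causes of the TLS context error.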














up vote
0
down vote

favorite












This is the scenario: I have a server that's listening on port 6514 on TCP for logs. I created the .key .crt files on the server as described here: https://www.logzilla.net/2014/10/17/configuring-tls-tunnels-in-syslog-ng.html:



 [root@server1 ~]$ openssl genrsa -des3 -out logserver.key 2048
Generating RSA private key, 2048 bit long modulus
.................................................+++
.+++
e is 65537 (0x10001)
Enter pass phrase for logserver.key:
Verifying - Enter pass phrase for logserver.key:
[root@server1 ~]$ openssl req -new -key logserver.key -out logserver.csr
Enter pass phrase for logserver.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a
DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:
State or Province Name (full name) :
Locality Name (eg, city) [Default City]:
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) :
Common Name (eg, your name or your server's hostname) :
Email Address :

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password :
An optional company name :
[root@server1 ~]$ cp logserver.key logserver.key.org
[root@server1 ~]$ openssl rsa -in logserver.key.org -out logserver.key
Enter pass phrase for logserver.key.org:
writing RSA key
[root@server1 ~]$ openssl x509 -req -days 365 -in logserver.csr -signkey
logserver.key -out logserver.crt
Signature ok
subject=/C=XX/L=Default City/O=Default Company Ltd
Getting Private key


and placed the settings in a created file named tls.conf in the /etc/syslog-ng/conf.d



I followed the next instructions.
Connect to the Client and mkdir -p /etc/syslog-ng/ssl. Download/Upload the /etc/syslog-ng/ssl/logserver.crt (which was created earlier on the Server) to the Client system and put the file in /etc/syslog-ng/ssl on the Client.



Find the hash for your key by running openssl x509 -noout -hash -in /etc/syslog-ng/ssl/logserver.crt



Next, create a symbolic link to the certificate that uses the hash returned by the previous command, with an added .0 suffix.



ln -s /etc/syslog-ng/ssl/logserver.crt /etc/syslog-ng/ssl/84d92a45.0



As soon as I add the client-to-server.conf under /etc/syslog-ng/conf.d/client-to-server.conf that has the following



@version:3.14
@define allow-config-dups 1
@include "scl.conf"
destination d_tls
tcp("192.168.1.7" port(6514)
tls( ca_dir("/etc/syslog-ng/ssl/")) );
;

log
source(s_sys);
destination(d_tls);
;


the syslog-ng service won't start on the client.



 systemctl restart syslog-ng.service
Job for syslog-ng.service failed because the control process exited with
error code. See "systemctl status syslog-ng.service" and "journalctl -xe"
for details.



[root@localhost conf.d]# systemctl status syslog-ng.service -l
● syslog-ng.service - System Logger Daemon
Loaded: loaded (/usr/lib/systemd/system/syslog-ng.service; enabled; vendor preset: enabled)
Active: failed (Result: start-limit) since Thu 2018-06-07 22:50:30 EEST; 7min ago
Docs: man:syslog-ng(8)
Process: 18196 ExecStart=/usr/sbin/syslog-ng -F $SYSLOGNG_OPTS -p /var/run/syslogd.pid (code=exited, status=2)
Main PID: 18196 (code=exited, status=2)
Status: "Starting up... (Thu Jun 7 22:50:30 2018"

Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service holdoff time over, scheduling restart.
Jun 07 22:50:30 localhost.localdomain systemd[1]: start request repeated too quickly for syslog-ng.service
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.

[root@localhost conf.d]# journalctl -xe
-- Subject: Unit syslog-ng.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has begun starting up.
Jun 07 22:50:30 localhost.localdomain syslog-ng[18190]: [2018-06-07T22:50:30.022361] Error setting up TLS session context; tls_error='(null):(null):(null)'
Jun 07 22:50:30 localhost.localdomain syslog-ng[18190]: [2018-06-07T22:50:30.022410] Error initializing message pipeline; plugin name='tcp', location='/etc/syslog-ng/conf.d/client-to-server.conf:5:7'
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
-- Subject: Unit syslog-ng.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has failed.
--
-- The result is failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service holdoff time over, scheduling restart.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Starting System Logger Daemon...
-- Subject: Unit syslog-ng.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has begun starting up.
Jun 07 22:50:30 localhost.localdomain syslog-ng[18193]: [2018-06-07T22:50:30.281966] Error setting up TLS session context; tls_error='(null):(null):(null)'
Jun 07 22:50:30 localhost.localdomain syslog-ng[18193]: [2018-06-07T22:50:30.282017] Error initializing message pipeline; plugin name='tcp', location='/etc/syslog-ng/conf.d/client-to-server.conf:5:7'
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
-- Subject: Unit syslog-ng.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has failed.
--
-- The result is failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service holdoff time over, scheduling restart.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Starting System Logger Daemon...
-- Subject: Unit syslog-ng.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has begun starting up.
Jun 07 22:50:30 localhost.localdomain syslog-ng[18196]: [2018-06-07T22:50:30.522580] Error setting up TLS session context; tls_error='(null):(null):(null)'
Jun 07 22:50:30 localhost.localdomain syslog-ng[18196]: [2018-06-07T22:50:30.522870] Error initializing message pipeline; plugin name='tcp', location='/etc/syslog-ng/conf.d/client-to-server.conf:5:7'
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
-- Subject: Unit syslog-ng.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has failed.
--
-- The result is failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service holdoff time over, scheduling restart.
Jun 07 22:50:30 localhost.localdomain systemd[1]: start request repeated too quickly for syslog-ng.service
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
-- Subject: Unit syslog-ng.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has failed.
--
-- The result is failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.


What am I doing wrong?







share|improve this question





















  • Use "-s" with "-f" options for syslog-ng to check if your configuration is correct: syslog-ng -s -f /path/to/syslog-ng-master-config-file
    – mariaczi
    Jun 7 at 9:01










  • Thank you for this suggestion. May I add that I've just updated the syslog-ng version which is version:3.14. The commands return nothing: ` [root@localhost ~]# syslog-ng -s -f /etc/syslog-ng/conf.d/sendlog.conf [root@localhost ~]# syslog-ng -s -f /etc/syslog-ng/syslog-ng.conf [root@localhost ~]# syslog-ng -s -f /etc/syslog-ng/syslog-ng.conf [root@localhost ~]# syslog-ng -s -f /etc/syslog-ng/conf.d/sendlog.conf`
    – Aiurea Adica tot YO
    Jun 7 at 10:38











  • What you got in logs? Are you sure, that you don't have running other instance of syslog-ng: ps -ef | grep syslog?
    – mariaczi
    Jun 7 at 10:44










  • [root@localhost ~]# ps -ef | grep syslog root 2952 2628 0 13:52 pts/0 00:00:00 grep --color=auto syslog
    – Aiurea Adica tot YO
    Jun 7 at 10:53










  • Jun 07 14:01:51 localhost.localdomain syslog-ng[3118]: /usr/sbin/syslog-ng: relocation error: /usr/lib64/libsyslog-ng-3.14.so.0: symbol SSL_CTX_get0_param, version libs Jun 07 14:01:51 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=127/n/a
    – Aiurea Adica tot YO
    Jun 7 at 11:02












up vote
0
down vote

favorite









up vote
0
down vote

favorite











This is the scenario: I have a server that's listening on port 6514 on TCP for logs. I created the .key .crt files on the server as described here: https://www.logzilla.net/2014/10/17/configuring-tls-tunnels-in-syslog-ng.html:



 [root@server1 ~]$ openssl genrsa -des3 -out logserver.key 2048
Generating RSA private key, 2048 bit long modulus
.................................................+++
.+++
e is 65537 (0x10001)
Enter pass phrase for logserver.key:
Verifying - Enter pass phrase for logserver.key:
[root@server1 ~]$ openssl req -new -key logserver.key -out logserver.csr
Enter pass phrase for logserver.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a
DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:
State or Province Name (full name) :
Locality Name (eg, city) [Default City]:
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) :
Common Name (eg, your name or your server's hostname) :
Email Address :

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password :
An optional company name :
[root@server1 ~]$ cp logserver.key logserver.key.org
[root@server1 ~]$ openssl rsa -in logserver.key.org -out logserver.key
Enter pass phrase for logserver.key.org:
writing RSA key
[root@server1 ~]$ openssl x509 -req -days 365 -in logserver.csr -signkey
logserver.key -out logserver.crt
Signature ok
subject=/C=XX/L=Default City/O=Default Company Ltd
Getting Private key


and placed the settings in a created file named tls.conf in the /etc/syslog-ng/conf.d



I followed the next instructions.
Connect to the Client and mkdir -p /etc/syslog-ng/ssl. Download/Upload the /etc/syslog-ng/ssl/logserver.crt (which was created earlier on the Server) to the Client system and put the file in /etc/syslog-ng/ssl on the Client.



Find the hash for your key by running openssl x509 -noout -hash -in /etc/syslog-ng/ssl/logserver.crt



Next, create a symbolic link to the certificate that uses the hash returned by the previous command, with an added .0 suffix.



ln -s /etc/syslog-ng/ssl/logserver.crt /etc/syslog-ng/ssl/84d92a45.0



As soon as I add the client-to-server.conf under /etc/syslog-ng/conf.d/client-to-server.conf that has the following



@version:3.14
@define allow-config-dups 1
@include "scl.conf"
destination d_tls
tcp("192.168.1.7" port(6514)
tls( ca_dir("/etc/syslog-ng/ssl/")) );
;

log
source(s_sys);
destination(d_tls);
;


the syslog-ng service won't start on the client.



 systemctl restart syslog-ng.service
Job for syslog-ng.service failed because the control process exited with
error code. See "systemctl status syslog-ng.service" and "journalctl -xe"
for details.



[root@localhost conf.d]# systemctl status syslog-ng.service -l
● syslog-ng.service - System Logger Daemon
Loaded: loaded (/usr/lib/systemd/system/syslog-ng.service; enabled; vendor preset: enabled)
Active: failed (Result: start-limit) since Thu 2018-06-07 22:50:30 EEST; 7min ago
Docs: man:syslog-ng(8)
Process: 18196 ExecStart=/usr/sbin/syslog-ng -F $SYSLOGNG_OPTS -p /var/run/syslogd.pid (code=exited, status=2)
Main PID: 18196 (code=exited, status=2)
Status: "Starting up... (Thu Jun 7 22:50:30 2018"

Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service holdoff time over, scheduling restart.
Jun 07 22:50:30 localhost.localdomain systemd[1]: start request repeated too quickly for syslog-ng.service
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.

[root@localhost conf.d]# journalctl -xe
-- Subject: Unit syslog-ng.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has begun starting up.
Jun 07 22:50:30 localhost.localdomain syslog-ng[18190]: [2018-06-07T22:50:30.022361] Error setting up TLS session context; tls_error='(null):(null):(null)'
Jun 07 22:50:30 localhost.localdomain syslog-ng[18190]: [2018-06-07T22:50:30.022410] Error initializing message pipeline; plugin name='tcp', location='/etc/syslog-ng/conf.d/client-to-server.conf:5:7'
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
-- Subject: Unit syslog-ng.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has failed.
--
-- The result is failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service holdoff time over, scheduling restart.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Starting System Logger Daemon...
-- Subject: Unit syslog-ng.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has begun starting up.
Jun 07 22:50:30 localhost.localdomain syslog-ng[18193]: [2018-06-07T22:50:30.281966] Error setting up TLS session context; tls_error='(null):(null):(null)'
Jun 07 22:50:30 localhost.localdomain syslog-ng[18193]: [2018-06-07T22:50:30.282017] Error initializing message pipeline; plugin name='tcp', location='/etc/syslog-ng/conf.d/client-to-server.conf:5:7'
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
-- Subject: Unit syslog-ng.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has failed.
--
-- The result is failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service holdoff time over, scheduling restart.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Starting System Logger Daemon...
-- Subject: Unit syslog-ng.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has begun starting up.
Jun 07 22:50:30 localhost.localdomain syslog-ng[18196]: [2018-06-07T22:50:30.522580] Error setting up TLS session context; tls_error='(null):(null):(null)'
Jun 07 22:50:30 localhost.localdomain syslog-ng[18196]: [2018-06-07T22:50:30.522870] Error initializing message pipeline; plugin name='tcp', location='/etc/syslog-ng/conf.d/client-to-server.conf:5:7'
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
-- Subject: Unit syslog-ng.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has failed.
--
-- The result is failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service holdoff time over, scheduling restart.
Jun 07 22:50:30 localhost.localdomain systemd[1]: start request repeated too quickly for syslog-ng.service
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
-- Subject: Unit syslog-ng.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has failed.
--
-- The result is failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.


What am I doing wrong?







share|improve this question













This is the scenario: I have a server that's listening on port 6514 on TCP for logs. I created the .key .crt files on the server as described here: https://www.logzilla.net/2014/10/17/configuring-tls-tunnels-in-syslog-ng.html:



 [root@server1 ~]$ openssl genrsa -des3 -out logserver.key 2048
Generating RSA private key, 2048 bit long modulus
.................................................+++
.+++
e is 65537 (0x10001)
Enter pass phrase for logserver.key:
Verifying - Enter pass phrase for logserver.key:
[root@server1 ~]$ openssl req -new -key logserver.key -out logserver.csr
Enter pass phrase for logserver.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a
DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:
State or Province Name (full name) :
Locality Name (eg, city) [Default City]:
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) :
Common Name (eg, your name or your server's hostname) :
Email Address :

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password :
An optional company name :
[root@server1 ~]$ cp logserver.key logserver.key.org
[root@server1 ~]$ openssl rsa -in logserver.key.org -out logserver.key
Enter pass phrase for logserver.key.org:
writing RSA key
[root@server1 ~]$ openssl x509 -req -days 365 -in logserver.csr -signkey
logserver.key -out logserver.crt
Signature ok
subject=/C=XX/L=Default City/O=Default Company Ltd
Getting Private key


and placed the settings in a created file named tls.conf in the /etc/syslog-ng/conf.d



I followed the next instructions.
Connect to the Client and mkdir -p /etc/syslog-ng/ssl. Download/Upload the /etc/syslog-ng/ssl/logserver.crt (which was created earlier on the Server) to the Client system and put the file in /etc/syslog-ng/ssl on the Client.



Find the hash for your key by running openssl x509 -noout -hash -in /etc/syslog-ng/ssl/logserver.crt



Next, create a symbolic link to the certificate that uses the hash returned by the previous command, with an added .0 suffix.



ln -s /etc/syslog-ng/ssl/logserver.crt /etc/syslog-ng/ssl/84d92a45.0



As soon as I add the client-to-server.conf under /etc/syslog-ng/conf.d/client-to-server.conf that has the following



@version:3.14
@define allow-config-dups 1
@include "scl.conf"
destination d_tls {
    tcp("192.168.1.7" port(6514)
        tls( ca_dir("/etc/syslog-ng/ssl/")) );
};

log {
    source(s_sys);
    destination(d_tls);
};


the syslog-ng service won't start on the client.



 systemctl restart syslog-ng.service
Job for syslog-ng.service failed because the control process exited with
error code. See "systemctl status syslog-ng.service" and "journalctl -xe"
for details.



[root@localhost conf.d]# systemctl status syslog-ng.service -l
● syslog-ng.service - System Logger Daemon
Loaded: loaded (/usr/lib/systemd/system/syslog-ng.service; enabled; vendor preset: enabled)
Active: failed (Result: start-limit) since Thu 2018-06-07 22:50:30 EEST; 7min ago
Docs: man:syslog-ng(8)
Process: 18196 ExecStart=/usr/sbin/syslog-ng -F $SYSLOGNG_OPTS -p /var/run/syslogd.pid (code=exited, status=2)
Main PID: 18196 (code=exited, status=2)
Status: "Starting up... (Thu Jun 7 22:50:30 2018"

Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service holdoff time over, scheduling restart.
Jun 07 22:50:30 localhost.localdomain systemd[1]: start request repeated too quickly for syslog-ng.service
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.

[root@localhost conf.d]# journalctl -xe
-- Subject: Unit syslog-ng.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has begun starting up.
Jun 07 22:50:30 localhost.localdomain syslog-ng[18190]: [2018-06-07T22:50:30.022361] Error setting up TLS session context; tls_error='(null):(null):(null)'
Jun 07 22:50:30 localhost.localdomain syslog-ng[18190]: [2018-06-07T22:50:30.022410] Error initializing message pipeline; plugin name='tcp', location='/etc/syslog-ng/conf.d/client-to-server.conf:5:7'
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
-- Subject: Unit syslog-ng.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has failed.
--
-- The result is failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service holdoff time over, scheduling restart.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Starting System Logger Daemon...
-- Subject: Unit syslog-ng.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has begun starting up.
Jun 07 22:50:30 localhost.localdomain syslog-ng[18193]: [2018-06-07T22:50:30.281966] Error setting up TLS session context; tls_error='(null):(null):(null)'
Jun 07 22:50:30 localhost.localdomain syslog-ng[18193]: [2018-06-07T22:50:30.282017] Error initializing message pipeline; plugin name='tcp', location='/etc/syslog-ng/conf.d/client-to-server.conf:5:7'
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
-- Subject: Unit syslog-ng.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has failed.
--
-- The result is failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service holdoff time over, scheduling restart.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Starting System Logger Daemon...
-- Subject: Unit syslog-ng.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has begun starting up.
Jun 07 22:50:30 localhost.localdomain syslog-ng[18196]: [2018-06-07T22:50:30.522580] Error setting up TLS session context; tls_error='(null):(null):(null)'
Jun 07 22:50:30 localhost.localdomain syslog-ng[18196]: [2018-06-07T22:50:30.522870] Error initializing message pipeline; plugin name='tcp', location='/etc/syslog-ng/conf.d/client-to-server.conf:5:7'
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
-- Subject: Unit syslog-ng.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has failed.
--
-- The result is failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service holdoff time over, scheduling restart.
Jun 07 22:50:30 localhost.localdomain systemd[1]: start request repeated too quickly for syslog-ng.service
Jun 07 22:50:30 localhost.localdomain systemd[1]: Failed to start System Logger Daemon.
-- Subject: Unit syslog-ng.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit syslog-ng.service has failed.
--
-- The result is failed.
Jun 07 22:50:30 localhost.localdomain systemd[1]: Unit syslog-ng.service entered failed state.
Jun 07 22:50:30 localhost.localdomain systemd[1]: syslog-ng.service failed.


What am I doing wrong?









edited Jun 7 at 18:59

asked Jun 7 at 8:12

Aiurea Adica tot YO

  • Use "-s" with "-f" options for syslog-ng to check if your configuration is correct: syslog-ng -s -f /path/to/syslog-ng-master-config-file
    – mariaczi
    Jun 7 at 9:01

  • Thank you for this suggestion. May I add that I've just updated the syslog-ng version which is version:3.14. The commands return nothing: ` [root@localhost ~]# syslog-ng -s -f /etc/syslog-ng/conf.d/sendlog.conf [root@localhost ~]# syslog-ng -s -f /etc/syslog-ng/syslog-ng.conf [root@localhost ~]# syslog-ng -s -f /etc/syslog-ng/syslog-ng.conf [root@localhost ~]# syslog-ng -s -f /etc/syslog-ng/conf.d/sendlog.conf`
    – Aiurea Adica tot YO
    Jun 7 at 10:38

  • What did you get in the logs? Are you sure that you don't have another instance of syslog-ng running: ps -ef | grep syslog?
    – mariaczi
    Jun 7 at 10:44

  • [root@localhost ~]# ps -ef | grep syslog root 2952 2628 0 13:52 pts/0 00:00:00 grep --color=auto syslog
    – Aiurea Adica tot YO
    Jun 7 at 10:53

  • Jun 07 14:01:51 localhost.localdomain syslog-ng[3118]: /usr/sbin/syslog-ng: relocation error: /usr/lib64/libsyslog-ng-3.14.so.0: symbol SSL_CTX_get0_param, version libs Jun 07 14:01:51 localhost.localdomain systemd[1]: syslog-ng.service: main process exited, code=exited, status=127/n/a
    – Aiurea Adica tot YO
    Jun 7 at 11:02
















1 Answer
The syslog-ng client configuration section with TLS for you should look as below:

destination d_tls {
    network("192.168.1.7" port(6514)
        transport("tls")
        tls( ca-dir("/etc/syslog-ng/ssl/ca.d")
             key-file("/etc/syslog-ng/ssl/mykey.key")
             cert-file("/etc/syslog-ng/ssl/mykey.pem")) );
};
log {
    source(s_sys);
    destination(d_tls);
};






edited Jun 7 at 12:07

answered Jun 7 at 11:44

mariaczi

  • Thank you very much! How do I create/get the ca.d file? As mentioned before, all I have is the .pem and .key files.
    – Aiurea Adica tot YO
    Jun 7 at 12:23

  • ca.d is a directory with the CA certificate. It must be the same one that is installed on the server side (the one used to issue the certificate for the client).
    – mariaczi
    Jun 7 at 12:28

  • May I please know how to configure it if the key and cert were generated using this command: openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 ?
    – Aiurea Adica tot YO
    Jun 7 at 14:10

  • Could you please look at the syslog-ng documentation, the chapter about TLS: syslog-ng.com/documents/html/syslog-ng-ose-latest-guides/en/… Here you have a step-by-step guide on how to configure a syslog-ng server and client to use TLS: nineproductions.com/…
    – mariaczi
    Jun 8 at 6:19

  • This is the error I can't get past and don't know how to solve: Error setting up TLS session context; tls_error='(null):(null):(null)'
    – Aiurea Adica tot YO
    Jun 8 at 11:39
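
The hash-link step in the question and the ca.d directory in the answer both rely on OpenSSL finding the CA certificate under a file name equal to its subject hash. As an added example (not part of the original thread), this script audits such a directory and creates a missing link; the function names are made up for illustration and CERT is assumed to be an absolute path.

```shell
#!/bin/sh
# Added example (not from the thread): audit the <subject-hash>.N entries that
# OpenSSL looks up inside a directory passed to syslog-ng's ca-dir().
# Function names are illustrative, not part of syslog-ng or OpenSSL.

cert_hash() { openssl x509 -noout -hash -in "$1" 2>/dev/null; }
cert_fpr()  { openssl x509 -noout -fingerprint -sha256 -in "$1" 2>/dev/null; }

# True when the name has the lookup form: 8 hex digits, a dot, a number.
is_hash_name() {
    case $1 in
        [0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f].[0-9]*)
            return 0 ;;
    esac
    return 1
}

# link_ca_cert CERT DIR: make CERT (absolute path) reachable as DIR/<hash>.N.
# Reuses an entry that already holds the same certificate; otherwise takes the
# first free N, because two different certificates can share a subject hash.
link_ca_cert() {
    local cert="$1" dir="$2" h n=0
    h=$(cert_hash "$cert") || { echo "not a PEM certificate: $cert" >&2; return 1; }
    while [ -e "$dir/$h.$n" ] || [ -L "$dir/$h.$n" ]; do
        if [ "$(cert_fpr "$dir/$h.$n")" = "$(cert_fpr "$cert")" ]; then
            return 0
        fi
        n=$((n + 1))
    done
    ln -s "$cert" "$dir/$h.$n"
}

# check_ca_dir DIR: print one line per problem, return 1 if any was found.
check_ca_dir() {
    local dir="$1" bad=0 f name want got linked l
    [ -d "$dir" ] || { echo "missing directory: $dir"; return 1; }
    for f in "$dir"/*; do
        name=${f##*/}
        if is_hash_name "$name"; then
            # The file name is the lookup key, so it must equal the hash of
            # the certificate the entry resolves to.
            want=${name%%.*}
            got=$(cert_hash "$f") || got=
            if [ -z "$got" ]; then
                echo "$name: does not resolve to a PEM certificate"; bad=1
            elif [ "$got" != "$want" ]; then
                echo "$name: certificate hashes to $got, so this name is never looked up"
                bad=1
            fi
            continue
        fi
        # A plain certificate file is only found through a <hash>.N entry.
        got=$(cert_hash "$f") || continue   # keys, directories, other files
        linked=0
        for l in "$dir/$got".[0-9]*; do
            if [ -e "$l" ] && [ "$(cert_fpr "$l")" = "$(cert_fpr "$f")" ]; then
                linked=1
            fi
        done
        if [ "$linked" -ne 1 ]; then
            echo "$name: no $got.N entry points to it"; bad=1
        fi
    done
    return "$bad"
}
```

`openssl rehash DIR` (or the older `c_rehash` script) builds the same links for a whole directory; the audit is most useful when a link name was typed or copied by hand.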















