Multiple TLS configurations in a single conf file

This is the place for you, if you got rsyslog up and running but wonder how to make it do what you want.

Moderator: rgerhards

Google Ads


Multiple TLS configurations in a single conf file

Postby mohxinn » Tue Aug 01, 2017 11:57 am

Hi,

I have a rsyslog server (v8.4) that is running TLS on TCP port 6514. I want to receive logs from another client that uses a different CA certificate chain and hence requires a different TLS configuration. I have generated certificate for the syslog server using the new certificate chain so that syslog server can communicate.

Is it possible to have multiple TLS configurations in one .conf file?

Would something like below work i.e. having 2 TCP ports linked to different TLS config?

Code: Select all
$ModLoad imtcp

# make gtls driver the default
$DefaultNetstreamDriver gtls

# certificate files
$DefaultNetstreamDriverCAFile /root/rtsel/autotest_do_not_remove/RootCA.pem
$DefaultNetstreamDriverCertFile /root/rtsel/autotest_do_not_remove/external_syslog_chain_1.pem
$DefaultNetstreamDriverKeyFile /root/rtsel/autotest_do_not_remove/key_external_syslog_chain_1.pem

$InputTCPServerStreamDriverAuthMode x509/certvalid
$InputTCPServerStreamDriverMode 1   # run driver in TLS-only mode
$InputTCPServerRun 6514

# certificate files
$DefaultNetstreamDriverCAFile /root/rtsel/autotest_do_not_remove/RootCA.pem
$DefaultNetstreamDriverCertFile /root/rtsel/autotest_do_not_remove/external_syslog_chain_1.pem
$DefaultNetstreamDriverKeyFile /root/rtsel/autotest_do_not_remove/key_external_syslog_chain_1.pem

$InputTCPServerStreamDriverAuthMode x509/certvalid
$InputTCPServerStreamDriverMode 1   # run driver in TLS-only mode
$InputTCPServerRun 10514


Thank you in advance!
mohxinn
New
 
Posts: 1
Joined: Tue Aug 01, 2017 11:14 am

Urgent Question?

  • Pulling out your Hair?
  • Wasting Time and Money?
  • Deadline Approaching?

Google Ads


Return to Configuration

Who is online

Users browsing this forum: No registered users and 1 guest

cron