SSL encryption in rsyslog

Posted 2024-11-30 02:22:33

Could anyone give me a hint where this problem is?

I am unable to encrypt log files coming from my client machine to the central log. I don't understand the reason; could I get any relevant information? (I can see unencrypted files coming towards the central server (ngrep, both in and out).)

Scenario: I am using an already created certificate, which is an authorized CA by GoDaddy.

Client rsyslog.conf:

$ModLoad imuxsock.so
$ModLoad imklog.so
$ModLoad imtcp


$DefaultNetstreamDriver gtls

# certificate files
$DefaultNetstreamDriverCAFile /rsyslog/pki/something.example.net.crt
$DefaultNetstreamDriverCertFile /rsyslog/pki/something.example.com.crt
$DefaultNetstreamDriverKeyFile /rsyslog/pki/something.example.com.key

$ActionSendStreamDriverAuthMode x509/name 
$ActionSendStreamDriverMode 1 

*.* @@machine.example.net:10514

Unusual: the system gets hung when I enable defaultnetstreamDriver gtls.

Server rsyslog.conf:

$ModLoad ommysql
#$UDPServerRUn 514

$ModLoad immark # provides --MARK-- message capability
#$ModLoad imudp # provides UDP syslog reception
$ModLoad imtcp # provides TCP syslog reception
$ModLoad imgssapi # provides GSSAPI syslog reception
#$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imklog # provides kernel logging support (previously done by rklogd)


$InputTCPServerRun 10514

*.*    :ommysql:127.0.0.1,dbname,username,password

$DefaultNetstreamDriver gtls

# certificate files
$DefaultNetstreamDriverCAFile /var/www/html/rsyslog/ssl/something.example.net.crt
$DefaultNetstreamDriverCertFile /var/www/html/rsyslog/ssl/something.example.net.crt
$DefaultNetstreamDriverKeyFile /var/www/html/rsyslog/ssl/something.example.net.key 


$ActionSendStreamDriverAuthMode  anon
$ActionSendStreamDriverPermittedPeer *.example.net
$ActionSendStreamDriverMode 1 

Comments (1)

三寸金莲 2024-12-07 02:22:33

People may be having the same issue, so I would like to share in case anyone ends up here.

Actually, I got the issue. If anyone faces the same problem: there is nothing wrong in the code; however, the version of rsyslog is not supported by encryption. The required version is 5.8.4; however, I haven't tested any other previous version to ensure whether others work or not. For sure, 5.8.4 works.
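Independently of the version issue described in the answer, here is an added example (not code from the original post or from rsyslog): a small Python check that reads a legacy-format rsyslog.conf and reports whether the TLS directives are present, namely `$ActionSendStreamDriverMode 1` before each `@@` forward and `$InputTCPServerStreamDriverMode 1` for an imtcp listener. The sample configs are constructed, shortened from those in the question; the function names are hypothetical.

```python
import re

# Constructed samples, shortened from the legacy-format configs in the question.
CLIENT_CONF = """\
$DefaultNetstreamDriver gtls
$DefaultNetstreamDriverCAFile /rsyslog/pki/something.example.net.crt
$ActionSendStreamDriverAuthMode x509/name
$ActionSendStreamDriverMode 1
*.* @@machine.example.net:10514
"""
SERVER_CONF = """\
$ModLoad imtcp # provides TCP syslog reception
$InputTCPServerRun 10514
$DefaultNetstreamDriver gtls
$ActionSendStreamDriverAuthMode  anon
$ActionSendStreamDriverMode 1
"""

def parse(conf):
    """Yield (directive, value) for '$' lines and ('forward', target) for '@@' actions."""
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        m = re.match(r"\$(\S+)\s*(.*)", line)
        if m:
            yield m.group(1).lower(), m.group(2).strip()
        elif "@@" in line:                        # '@@' = forward over TCP
            yield "forward", line.split("@@", 1)[1].strip()

def tls_findings(conf):
    """Return reasons why TCP syslog configured here would not be TLS-protected."""
    findings, seen, send_mode, forwards = [], {}, None, 0
    for key, val in parse(conf):
        if key == "forward":
            forwards += 1
            if send_mode != "1":                  # must precede the action it modifies
                findings.append(f"forward to {val}: no $ActionSendStreamDriverMode 1 before it")
        elif key == "actionsendstreamdrivermode":
            send_mode = val
        else:
            seen[key] = val
    listens = "inputtcpserverrun" in seen
    if listens and seen.get("inputtcpserverstreamdrivermode") != "1":
        findings.append("imtcp listener: $InputTCPServerStreamDriverMode 1 not set")
    if (listens or forwards) and seen.get("defaultnetstreamdriver") != "gtls":
        findings.append("$DefaultNetstreamDriver gtls not set")
    return findings

if __name__ == "__main__":
    for name, conf in (("client", CLIENT_CONF), ("server", SERVER_CONF)):
        print(name, tls_findings(conf) or "TLS directives present")
```

The `$ActionSend...` directives configure forwarding actions only; an imtcp listener takes its TLS settings from the `$InputTCPServerStreamDriver...` directives.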
