sophie.loewenthal--- via rsyslog
2018-11-13 09:05:30 UTC
Hi,
I've read lots of dox on setting up TLS for sending logs and every time I see one has to set up a CA and then have a certificate for every client. I'd have to create 1001 certificates and then a new client cert for every new server. This is impractical and the time is not available to perform the task. For comparison, we don't require every user's browser to have a client cert to connect with a webserver, like Paypal, and I use self-signed certs for some internal web servers.
In my case the objective is to encrypt the syslog data sent over the network, but not to identify the sending machine.
Is there a way to have rsyslog use a self-signed certificate and trust all the clients that connect over TLS?
Some examples that suggest using a self-signed CA + clients:
https://access.redhat.com/solutions/519533
https://waqarafridi.wordpress.com/2015/11/16/configure-ssltls-between-two-rsyslog-systems/
And the list goes on.
Best wishes,
Sophie
Not working on Mondays / Working except on Mondays
Team mailbox : ***@bnpparibas.com
or direct ***@bnpparibas.com
This message and any attachments (the "message") are
intended solely for the intended addressees and are confidential.
If you receive this message in error, or are not the intended recipient(s),
please delete it and any copies from your systems and immediately notify
the sender. Any unauthorized view, use that does not comply with its purpose,
dissemination or disclosure, either whole or partial, is prohibited. Since the internet
cannot guarantee the integrity of this message which may not be reliable, BNP PARIBAS
(and its subsidiaries) shall not be liable for the message if modified, changed or falsified.
Do not print this message unless it is necessary, consider the environment.
----------------------------------------------------------------------------------------------------------------------------------
This message and any attachments (hereinafter the "message")
are intended solely for their addressees and are confidential.
If you receive this message in error or if it is not intended for you,
please destroy it together with any copy on your system and immediately notify
the sender. Any unauthorized reading, any use of
this message that does not comply with its purpose, any dissemination or any
publication, whole or partial, is prohibited. Since the Internet cannot guarantee
the integrity of this electronic message, which may be altered, BNP Paribas
(and its subsidiaries) decline(s) all liability for this message in the event
that it has been modified, distorted or falsified.
Do not print this message unless necessary, think of the environment.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
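One way to get the setup the question describes, as an added example that is not from the list thread or the rsyslog project: the receiver presents its own self-signed certificate and accepts every client without asking for a certificate (StreamDriver.AuthMode="anon"), while each sender verifies only the server, the way a browser verifies a web site. The file paths, the server name logs.example.com and the mixed modes (server anon, client x509/name pinned to the copied server certificate) are assumptions; if the sender side is also set to anon, the link is still encrypted but nothing stops an on-path attacker from impersonating the log server.

```rsyslog
# --- Receiver (central log server), e.g. /etc/rsyslog.d/10-tls-server.conf ---
# A self-signed server certificate is used as its own "CA" file. No client
# certificate is requested, so the 1001 senders need no certificates at all.
# Paths below are assumed.
global(
  DefaultNetstreamDriver="gtls"
  DefaultNetstreamDriverCAFile="/etc/rsyslog.d/tls/server-cert.pem"
  DefaultNetstreamDriverCertFile="/etc/rsyslog.d/tls/server-cert.pem"
  DefaultNetstreamDriverKeyFile="/etc/rsyslog.d/tls/server-key.pem"
)
# Mode "1" = TLS only, plaintext connections are refused.
# AuthMode "anon" = accept the connection without a client certificate.
module(
  load="imtcp"
  StreamDriver.Name="gtls"
  StreamDriver.Mode="1"
  StreamDriver.AuthMode="anon"
)
input(type="imtcp" port="6514")

# --- Sender (each of the 1001 machines), e.g. /etc/rsyslog.d/90-forward-tls.conf ---
# No client key or certificate is configured. The sender pins the server's
# self-signed certificate (the same file copied from the server) and checks
# that the presented name matches, which is what prevents impersonation of
# the log server. logs.example.com is an assumed name and must match the
# certificate's CN/SAN.
global(
  DefaultNetstreamDriver="gtls"
  DefaultNetstreamDriverCAFile="/etc/rsyslog.d/tls/server-cert.pem"
)
# Disk-less local queue with unlimited retries so messages are held, not
# dropped, while the server is unreachable.
action(
  type="omfwd"
  Target="logs.example.com"
  Port="6514"
  Protocol="tcp"
  StreamDriver="gtls"
  StreamDriverMode="1"
  StreamDriverAuthMode="x509/name"
  StreamDriverPermittedPeers="logs.example.com"
  queue.type="LinkedList"
  action.resumeRetryCount="-1"
)
```

Rolling the server certificate later means redistributing one file to the senders, not re-issuing a certificate per client.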