Replies: 1 comment
-
Hi Someone can assist? |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi Team,
I've Created a Root CA and signed a certificate using this root ca.
This in order to connect IBM's DLC to ESET PROTECT ON CLOUD via TLS Syslog.
When Im trying to check my CA im getting this error:
Running that command:
openssl s_client -connect localhost:6514 -showcerts < /dev/null
getting this error:
140351967975232:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:ssl/record/rec_layer_s3.c:1544:SSL alert number 40
no peer certificate available
No client certificate CA names sent
SSL handshake has read 7 bytes and written 289 bytes
Verification: OK
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
This is a lab enviorment
Linux CentOS 8
PF Sense is my firewall.
I've added nat portforward rules that should correspond with the server.
Trying to connect to the eset but get this error
Im on it for couple of days and would really appriciate your assistence here.
Here is my DLC error:
with the handshake:
2024-03-11 19:07:57,293 [Thread-23] com.q1labs.semsources.sources.tlssyslog.TLSSyslogProvider: [INFO] [NOT:0000006000][10.66.7.64/- -] [-/- -]TLSSyslog has accepted a connection from [/51.136.106.164:20568] using Protocol [NONE] and Cipher [SSL_NULL_WITH_NULL_NULL] - Connection count [1] of maximum [50]
2024-03-11 19:07:57,295 [Thread-26] com.q1labs.semsources.sources.tlssyslog.TLSConnectionProcessor: [ERROR] [NOT:0000003000][10.66.7.64/- -] [-/- -]An IOException occurred during SSL Socket Handshake with /51.136.106.164:20568 Closing socket.
java.net.SocketException: Socket has been closed or broken
at com.ibm.jsse2.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402) ~[?:8.0 build_20230815--93]
at com.ibm.jsse2.SSLSocketImpl.startHandshake(SSLSocketImpl.java:385) ~[?:8.0 build_20230815--93]
at com.q1labs.semsources.sources.tlssyslog.TLSConnectionProcessor.setSocketPropertiesAndHandShake(TLSConnectionProcessor.java:59) [tlssyslog-7.4-20200916133826.jar:?]
at com.q1labs.semsources.sources.tlssyslog.TLSConnectionProcessor.access$200(TLSConnectionProcessor.java:16) [tlssyslog-7.4-20200916133826.jar:?]
at com.q1labs.semsources.sources.tlssyslog.TLSConnectionProcessor$TLSConnectionProcessorThread.run(TLSConnectionProcessor.java:735) [tlssyslog-7.4-20200916133826.jar:?]
2024-03-11 19:07:57,296 [Thread-26] com.q1labs.semsources.sources.tlssyslog.TLSConnectionProcessor: [INFO] [NOT:0000006000][10.66.7.64/- -] [-/- -]TLSSyslog cleaning up connection to null socket [/51.136.106.164:20568]
2024-03-11 19:07:57,297 [Thread-26] com.q1labs.semsources.sources.tlssyslog.TLSSyslogProvider: [INFO] [NOT:0000006000][10.66.7.64/- -] [-/- -]Removed TLS processor for [/51.136.106.164:20568] - Current Connection Count [0] of maximum [50]
If you have some insights please share it with me.
Thanks so much,
Best Regards,
Ofek
Beta Was this translation helpful? Give feedback.
All reactions