clientLog rsyslogd: omrelp: could not connect to remote server, librelp error 10007 #5354

Open
peterbooi opened this issue Apr 1, 2024 · 2 comments


@peterbooi

Environment

  • rsyslog version:

  • rsyslogd 8.2302.0 (aka 2023.02) compiled with:
    PLATFORM: x86_64-pc-linux-gnu
    PLATFORM (lsb_release -d):
    FEATURE_REGEXP: Yes
    GSSAPI Kerberos 5 support: Yes
    FEATURE_DEBUG (debug build, slow code): No
    32bit Atomic operations supported: Yes
    64bit Atomic operations supported: Yes
    memory allocator: system default
    Runtime Instrumentation (slow code): No
    uuid support: Yes
    systemd support: Yes
    Config file: /etc/rsyslog.conf
    PID file: /run/rsyslogd.pid
    Number of Bits in RainerScript integers: 64

  • platform: debian 12

  • server :

    module(load="imuxsock") # provides support for local system logging
    module(load="imklog") # provides kernel logging support
    #module(load="immark") # provides --MARK-- message capability

    # provides UDP syslog reception
    #module(load="imudp")
    #input(type="imudp" port="514")

    # provides TCP syslog reception
    #module(load="imtcp")
    #input(type="imtcp" port="514")

    module(load="imrelp" tls.tlslib="openssl")
    input(type="imrelp" port="7514" maxDataSize="10k"
          tls="on"
          tls.cacert="/etc/ssl/ca.pem"
          tls.mycert="/etc/ssl/centralLog.crt"
          tls.myprivkey="/etc/ssl/centralLog.pem"
          tls.authmode="name"
          tls.permittedpeer="clientLog.lpic.lan"
          tls.tlscfgcmd="Protocol=ALL,-SSLv2,-SSLv3")

  • client :

    module(load="imuxsock") # provides support for local system logging
    module(load="imklog") # provides kernel logging support
    #module(load="immark") # provides --MARK-- message capability

    # provides UDP syslog reception
    #module(load="imudp")
    #input(type="imudp" port="514")

    # provides TCP syslog reception
    #module(load="imtcp")
    #input(type="imtcp" port="514")

    module(load="omrelp" tls.tlslib="openssl")
    action(type="omrelp"
           target="192.168.0.4"
           port="7514"
           tls="on"
           timeout="90"
           conn.timeout="10"
           tls.cacert="/etc/ssl/ca.pem"
           tls.mycert="/etc/ssl/clientLog.crt"
           tls.myprivkey="/etc/ssl/clientLog.pem"
           tls.authmode="name"
           tls.permittedpeer="centralLog.lpic.lan")

When I look at the logs on the server, it gives me this:
2024-04-01T04:12:57.446208+02:00 centralLog rsyslogd: imrelp[7514]: error 'relpTcpRtryHandshake_ossl: Server handshake failed with 1 - Aborting handshake.', object 'lstn 7514: conn to clt 192.168.0.8/192.168.0.8' - input may not work as intended [v8.2302.0 try https://www.rsyslog.com/e/2353 ]
2024-04-01T04:12:57.447583+02:00 centralLog rsyslogd: imrelp[7514]: error 'relpTcpLastSSLErrorMsg: OpenSSL Error Stack: error:0A00010B:SSL routines::wrong version number ', object 'lstn 7514: conn to clt 192.168.0.8/192.168.0.8' - input may not work as intended [v8.2302.0 try https://www.rsyslog.com/e/2353 ]
2024-04-01T04:12:57.452378+02:00 centralLog rsyslogd: imrelp[7514]: error 'relpTcpRtryHandshake_ossl: Server handshake failed with 1 - Aborting handshake.', object 'lstn 7514: conn to clt 192.168.0.8/192.168.0.8' - input may not work as intended [v8.2302.0 try https://www.rsyslog.com/e/2353 ]
2024-04-01T04:12:57.452726+02:00 centralLog rsyslogd: imrelp[7514]: error 'relpTcpLastSSLErrorMsg: OpenSSL Error Stack: error:0A00010B:SSL routines::wrong version number ', object 'lstn 7514: conn to clt 192.168.0.8/192.168.0.8' - input may not work as intended [v8.2302.0 try https://www.rsyslog.com/e/2353 ]

But the server receives the log from the client.

@rgerhards
Member

There seems to be a problem with the remote peer, as the TLS handshake fails because of a wrong version number. Be sure to check that TLS is enabled at the peer AND TLS parameters on both peers are compatible.
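
To check the first point in the reply above (is the peer sending TLS at all?), the first bytes a client sends to the listener port, taken for example from a packet capture, can be classified as a TLS record or a plaintext RELP frame. This is an added example, not part of the thread or of rsyslog/librelp; the function name and both sample byte strings are constructed, and it relies on OpenSSL reporting "wrong version number" when the bytes it reads as the record version are not 3.x, as happens with plaintext.

```python
import struct

TLS_RECORD_TYPES = {20: "change_cipher_spec", 21: "alert",
                    22: "handshake", 23: "application_data"}


def classify_first_bytes(data: bytes) -> dict:
    """Decide whether a peer's first bytes are a TLS record or plaintext RELP."""
    # TLS record header: type (1 byte), legacy version (2 bytes), length (2 bytes).
    if len(data) >= 5:
        rtype, major, minor, length = struct.unpack("!BBBH", data[:5])
        if rtype in TLS_RECORD_TYPES and major == 3 and minor <= 4:
            result = {"kind": "tls", "record": TLS_RECORD_TYPES[rtype],
                      "record_version": (major, minor), "length": length}
            # Handshake message type 1 is ClientHello.
            if rtype == 22 and len(data) >= 6:
                result["client_hello"] = data[5] == 1
            return result
    # RELP frame header: TXNR SP COMMAND SP DATALEN, e.g. "1 open 52 ...".
    fields = data.split(b"\n", 1)[0].split(b" ", 3)
    if (len(fields) >= 3 and fields[0].isdigit()
            and fields[1].isalpha() and fields[2].isdigit()):
        return {"kind": "plaintext-relp", "txnr": int(fields[0]),
                "command": fields[1].decode("ascii"),
                "datalen": int(fields[2]),
                # The two bytes a TLS parser would read as the version field.
                "bytes_read_as_version": data[1:3].hex()}
    return {"kind": "unknown"}


# Constructed samples (not captured from the systems in this issue).
# A RELP "open" frame as a client without TLS would send it:
OFFER = b"relp_version=0\nrelp_software=example\ncommands=syslog"
SAMPLE_PLAINTEXT_OPEN = b"1 open %d " % len(OFFER) + OFFER + b"\n"
# Start of a TLS ClientHello: record header, handshake header, client_version.
SAMPLE_TLS_CLIENT_HELLO = bytes.fromhex("1603010200" "010001fc" "0303")

if __name__ == "__main__":
    for name, sample in (("plaintext", SAMPLE_PLAINTEXT_OPEN),
                         ("tls", SAMPLE_TLS_CLIENT_HELLO)):
        print(name, classify_first_bytes(sample))
```

A `plaintext-relp` result for traffic arriving on the TLS listener means that sender is not negotiating TLS, whatever its configuration file says.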

@peterbooi
Author

I'll check that.
The centralLog machine still receives the log from the clientlog machine.
