syslog-ng Premium Edition 7.0.14 - Mutual authentication using TLS

Testing what you have done

After configuring syslog-ng PE, test if everything works as expected.

To test the configuration

  1. On the client side, enter the following command:

    logger "This is a test message"

  2. On the server side, tail the file, where logs from the network are arriving. You should see something similar in case of the above test message:

    tail -f /var/log/messages | grep test

    Jun 26 19:12:06 172.16.177.129 root: This is a test message 

    If you cannot see it, check the log file, where the internal messages of syslog-ng are stored, both on the server and the client side. The most common causes of the problem are the following:

    • There is no trace of connection at all (internal logs show connection attempts), there is a network / firewall problem, or incorrectly configured destination or listening IP.

    • With new certificates an incorrectly configured clock can already cause problems. Check if all of your systems have the same time / time zone.

    • Make sure, that the Common Name is set to the correct FQDN or IP address. If you use FQDN, make sure, that your DNS server works correctly.

    • Do not include an e-mail address in the client and server certificates.

    • For more information about TLS-related error messages, see "Error messages" in the Administration Guide.

Summary

This tutorial has shown you how to encrypt and authenticate the connection between your clients and your logserver.

Related Documents