By default, you cannot browse encrypted logstores from the syslog-ng Store Box(SSB) web interface, because the required decryption keys are not available on SSB. To make browsing and searching encrypted logstores possible, SSB provides the following options:

NOTE: Do not use SSB's own keys and certificates for encrypting or decrypting.

One Identity recommends:

  • Using 2048-bit RSA keys (or stronger).

  • Using the SHA-256 hash algorithm (or stronger) when creating the public key fingerprint.