On 2013-07-08 16:34, Szajt, Pablo wrote:

I have the task to install a secure syslog server using syslog-ng and stunnel.
The Syslog server is a Solaris 10 and Syslog clients are HP-UX 11.31.

I've spent already so many hours and I cannot make it run properly.
I know syslog-ng works well without stunnel.

I'm pretty sure someone is already using it. I'd like to have step by step installation process. I have no issue if I have to start from scratch.

There are several HOWTOs available, e.g.:
http://www.linuxhowtos.org/Security/stunnel.htm
https://www.linux.com/community/blogs/133-general-linux/9486
although their approach is *not* the best one.

The right solution is to setup inetd-mode stunnel configuration files (without any [service sections]), e.g.:
client=yes
connect=www.server.com:12345
cafile=server.pem
verify=4
on the client, and:
accept=12345
cert=server.pem
key=server.key
on the server.

Stunnel should then be invoked with the "program()" driver of syslog-ng:
http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.3-guides/en/syslog-ng-ose-v3.3-guide-admin-en/html/configuring_destinations_program.html

Mike