On Fri, Sep 16, 2011 at 2:09 AM, Cary Corse cary.corse@zestia.com wrote:
I'm trying to use stunnel to connect to a secure server for syslogging. I have a certificate from the central logging server. How do I load this into stunnel so that I can connect?
Hi Cary
Assuming the server is already set up, the client config is as follows:

1. Set client = yes inside your stunnel conf
2. Add a section that listens on localhost on some random port e.g. 2514, then uses the cert you were given to connect to the remote server
3. Make sure your local syslog.conf logs to localhost on that port you chose.
Something like this in the stunnel conf:

<snip>
; Use it for client mode
client = yes

; Service-level configuration
[syslog]
accept = 127.0.0.1:2514
connect = <remote server>:<remote port>
cert = /path/to/cert
; key = /path/to/key (if cert and key in separate files)
Then your syslog.conf will contain something similar to this:

*.=info;*.=notice;*.=warning;\
        auth,authpriv.none;\
        cron,daemon.none;\
        mail,news.none          @127.0.0.1:2514
There's quite a good article on the subject here: http://freshmeat.net/articles/ssl-encrypting-syslog-with-stunnel
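
An added example, not part of the original message: a client-side stunnel section for the case where the certificate supplied by the logging server is the server's own certificate and is used to authenticate that server. The host name, port and file paths are placeholders, and the server certificate is assumed to be self-signed.

```ini
; Constructed example: client-side stunnel service that authenticates the
; remote logging server before any syslog data is forwarded.
; Host name, port and file paths below are placeholders.

client = yes

[syslog]
; Local plaintext listener that the syslog daemon writes to.
accept = 127.0.0.1:2514
connect = logserver.example.org:6514

; The certificate received from the logging server, in PEM format.
; Assumption: it is self-signed. If it was issued by a CA, the CA
; certificate has to be present in this file as well.
CAfile = /etc/stunnel/logserver-cert.pem

; Level 3: accept the peer only if its certificate matches one installed
; locally (here, the one in CAfile). Without a verify setting stunnel
; does not check the server certificate at all.
; Newer stunnel releases replace this option with verifyChain/verifyPeer.
verify = 3

; cert/key identify this client to the server and are optional in client
; mode; set them only if the server requests a client certificate.
; cert = /etc/stunnel/client-cert.pem
; key  = /etc/stunnel/client-key.pem
```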