blob: aef8117c96f52453294f7d1fe48756aa5420dfc6 (
plain)
- # enable gtls driver and make it the default
- $ModLoad imtcp
- $DefaultNetstreamDriver gtls
- # certificate files
- $DefaultNetstreamDriverCAFile /etc/ssl/certs/ca-certificates.crt
- $DefaultNetstreamDriverCertFile /etc/ssl/certs/rsyslog.pem
- $DefaultNetstreamDriverKeyFile /etc/ssl/private/rsyslog.pem
- $InputTCPServerStreamDriverAuthMode x509/name
- $InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode
- # sample reception (repeat last line for each client)
- #$InputTCPServerRun 514
- #$InputTCPServerStreamDriverPermittedPeer *.example.net
- # sample sending (repeat all lines for each server)
- #$ActionSendStreamDriverAuthMode x509/name
- #$ActionSendStreamDriverMode 1 # run driver in TLS-only mode
- #$ActionSendStreamDriverPermittedPeer central.example.net
- #*.* @@central.example.net:514 # forward everything to remote server
|
