TLS Syslog Cert Question - PEM vs CER
We are cutting our NXLog Community version over to a new solution and are currently using .pem certificate files to encrypt syslog in the om_ssl module. The new system is using a .cer file for the certificate and when cutting over an agent to reference the .cer rather than .pem, it doesn't seem like the logs are being decrypted. I didn't see anything in the documentation indicating NXLog doesn't support .cer or only supports .pem, but I wanted to query the forum to see if anyone else experienced issues with setting the TLS to utilize a .epm files for encrypted log forwrding.
Please note that the extensions used for PEM certificates are cer, crt, and pem. But there is a difference: a .PEM file may also contain a complete certificate chain, where the chain starts with the leaf / end certificate of the service, followed by the certificate that signed it, usually up to but not including the trusted root certificate. The .CER and .CRT files are also saved in the PEM format but only store certificates.
So, this could be a missing information problem and not an issue with the file format. You can check it easily if you have OpenSSL tool installed. You just use OpenSSL to convert .CER to .PEM:
openssl x509 -in certificatename.cer -outform PEM -out certificatename.pem
Please try using NXLog with the new .PEM file.