SSLv3 Handshake error using om_http to POST events to AWS API Gateway
concanno
I am trying to use the om_http module to POST events to an AWS API Gateway (which won't allow SSLv3 connections). Looking at this forum and the documentation, it seems like the latest version of the community edition, nxlog-ce-2.9.1716, should support TLSv1.2, but I keep getting the following error when it attempts to connect to my API:
ERROR SSL error, SSL_ERROR_SSL: retval -1, sslv3 alert handshake failure
Below is my config for the output:
<Output out>
    Module      om_http
    URL         https://<my api endpoint>
    ContentType "application/json"
</Output>
I have also tried using HTTPSAllowUntrusted TRUE, which doesn't change anything. Also, I tested the API endpoint with curl and it works fine.
Thanks in advance for any help!
UPDATE: It looks like nxlog is negotiating using TLSv1.2 (discovered with Wireshark). I also discovered that AWS API Gateway requires the SNI extension to TLS. This is likely the problem if nxlog-ce doesn't support SNI. Any idea if/when that will be supported in the community edition?