Request trial
Request Trial

NXlog om_ssl infinite reconnection after handshake fail with a SaaS Log Centralizer

Tags:
#1 Pierre.Guceski

Hi, 

This question follow an old one: https://nxlog.co/question/1252/nxlog-omssl-infinite-reconnection-saas-log-centralizer

We are trying to connect NXLog with Logmatic.io with a SSL connection. 
The certificate provided by Logmatic is still valid and works with Rsyslog, Syslog-NG or Open-SSL.. (you can find the certificate here : https://doc.logmatic.io/docs/logging-from-windows)

However, no matter how hard we tried to connect NXLog we had no succes, and we are now stuck without any ideas of what can we do/test to make it work.

Our config hasn't changed:

<Output out>
Module om_ssl
Host api.logmatic.io
Port 10515
CAFile <path_to_your_.crt_file>

####Add the API key before the event
Exec $raw_event="<your_api_key> "+$raw_event;
</Output>

We tried a lot more configuration with AllowUntrusted TRUE/FALSE, CertFile, etc... But the result is always the same:

2016-01-06 16:19:56 INFO nxlog-ce-2.9.1504 started
2016-01-06 16:19:56 INFO connecting to api.logmatic.io:10515
2016-01-06 16:19:57 INFO successfully connected to api.logmatic.io:10515
2016-01-06 16:19:57 INFO reconnecting in 1 seconds
2016-01-06 16:19:57 ERROR SSL certificate verification failed: unable to get local issuer certificate (err: 20)
2016-01-06 16:19:58 INFO connecting to api.logmatic.io:10515
2016-01-06 16:19:58 INFO successfully connected to api.logmatic.io:10515
2016-01-06 16:19:58 INFO reconnecting in 1 seconds
2016-01-06 16:19:58 ERROR SSL certificate verification failed: unable to get local issuer certificate (err: 20)

We wiresharked the connection to logmatic (which doesn't work) and the connection to Loggly (which worked) both with the same configuration file.
https://drive.google.com/folderview?id=0B7GCHhnklusNcjgxM3ozeTZseVU&usp=sharing
The only difference were in the configuration settings (host, port, certificate..)

It seems that the Handshake between Nxlog and logmatic.io server is the root of this bug. Do you know why ? 
Since it's Nxlog which refuse to extablish the connection, do you know why the option "AllowUntrusted false" in Nxlog.conf doesn't work ? 

Sorry to bother you again with that but we tried everything and are now short of ideas :/

Many Thanks in advance !

 

Permalink
#2 Pierre.Guceski
#1 Pierre.Guceski
Hi,  This question follow an old one: https://nxlog.co/question/1252/nxlog-omssl-infinite-reconnection-saas-log-centralizer We are trying to connect NXLog with Logmatic.io with a SSL connection. The certificate provided by Logmatic is still valid and works with Rsyslog, Syslog-NG or Open-SSL.. (you can find the certificate here : https://doc.logmatic.io/docs/logging-from-windows) However, no matter how hard we tried to connect NXLog we had no succes, and we are now stuck without any ideas of what can we do/test to make it work. Our config hasn't changed: <Output out> Module om_ssl Host api.logmatic.io Port 10515 CAFile <path_to_your_.crt_file> ####Add the API key before the event Exec $raw_event="<your_api_key> "+$raw_event; </Output> We tried a lot more configuration with AllowUntrusted TRUE/FALSE, CertFile, etc... But the result is always the same: 2016-01-06 16:19:56 INFO nxlog-ce-2.9.1504 started 2016-01-06 16:19:56 INFO connecting to api.logmatic.io:10515 2016-01-06 16:19:57 INFO successfully connected to api.logmatic.io:10515 2016-01-06 16:19:57 INFO reconnecting in 1 seconds 2016-01-06 16:19:57 ERROR SSL certificate verification failed: unable to get local issuer certificate (err: 20) 2016-01-06 16:19:58 INFO connecting to api.logmatic.io:10515 2016-01-06 16:19:58 INFO successfully connected to api.logmatic.io:10515 2016-01-06 16:19:58 INFO reconnecting in 1 seconds 2016-01-06 16:19:58 ERROR SSL certificate verification failed: unable to get local issuer certificate (err: 20) We wiresharked the connection to logmatic (which doesn't work) and the connection to Loggly (which worked) both with the same configuration file. https://drive.google.com/folderview?id=0B7GCHhnklusNcjgxM3ozeTZseVU&usp=sharing The only difference were in the configuration settings (host, port, certificate..) It seems that the Handshake between Nxlog and logmatic.io server is the root of this bug. Do you know why ?  Since it's Nxlog which refuse to extablish the connection, do you know why the option "AllowUntrusted false" in Nxlog.conf doesn't work ?  Sorry to bother you again with that but we tried everything and are now short of ideas :/ Many Thanks in advance !  

Hello again,

Do you have any idea of what could have happen?

Best regards,
Login to see more

Subscribe to our newsletter to get the latest updates, news, and products releases.

© Copyright 2024 NXLog Ltd.

PRIVACY POLICY GENERAL TERMS OF BUSINESS