4
responses

Hi,

I am using om_http module to send windows eventlogs to AWS API Gateway for further processing. I kept HTTPSAllowUntrusted to True. But I keep getting <cloudfront_hostname>:443 connection failure reconnecting in ## seconds. I can POST data to the URI using curl just fine. I believe it is related to SNI support, which was also limiting other tools like wrk, ab, siege https://github.com/wg/wrk/issues/149 . 

Is there any workaround or fix to support SNI?

Thanks,

Shri

AskedJune 13, 2016 - 3:09am

Answers (2)

Have you tried om_ssl instead of om_http?

The om_ssl module provides an SSL/TLS transport that  behaves similarly to the om_tcp module, except that an SSL handshake is performed at connection time and the data is received over a secure channel.

SNI is not supported yet. We are working on adding this to the NXLog EE, it will be merged into the CE afterwards.

Comments (2)

  • bourazaniss's picture

    Shri assumes that this is probably an SNI problem, but he does not give enough information to be sure ourselves that this is actual an SNI related failure or just a configuration problem.

  • shribigb's picture

    Hi,

    My conf looks like this

    <Output out>
        Module      om_http
        Url         https://<API ID>.execute-api.us-west-2.amazonaws.com/stage/sqlserver_alerts
        ContentType application/json
        HTTPSAllowUntrusted    TRUE
    </Output>

    And in logs I see following:

    2016-06-13 17:25:07 INFO connecting to <API ID>.execute-api.us-west-2.amazonaws.com:443
    2016-06-13 17:25:07 INFO reconnecting in 1200 seconds
    2016-06-13 17:25:07 ERROR remote ssl socket was reset? (SSL_ERROR_SSL with errno=9); End of file found

    I checked other tools which had similar issue with AWS API Gateway and each one has similar resolution related to SNI. I dont know how I will be able to use om_ssl in this case either because nothing exist at <API ID>.execute-api.us-west-2.amazonaws.com:443. I get bad request error

    ERROR

    The request could not be satisfied.


    Bad request. 


    Generated by cloudfront (CloudFront)
    Request ID: tz_i8FHTo16Jmi1hlVNM5SZX57bXcCOEv9Jb6ARmNpeneeydYVwhMQ==

     

    Thanks,

    Shri