i am setting up SSL connection between rsyslog over linux box and nxlog endpoint. While win boxes connect like a charm linux boxes issue the following:
2018-10-12 11:51:26 ERROR remote ssl socket was reset? (SSL_ERROR_SSL with errno=9); End of file found
I then found on your forum this post https://nxlog.co/question/1926/nxlog-ce-v291716-certificate-built-ecdsa-key where they talk about rebuild certificate without Digital Signature KeyUsage flag.
I assumed to rebuild client.crs since my rootCA.crt does not report any Digital Signature :
X509v3 extensions: X509v3 Subject Key Identifier: AB:E6:E4:61:11:89:43:21:87:FB:91:08:44:C0:15:A7:41:3B:A3:53 X509v3 Authority Key Identifier: keyid:AB:E6:E4:61:11:89:43:21:87:FB:91:08:44:C0:15:A7:41:3B:A3:53 DirName:/C=US/ST=Some-State/L=Somecity/O=CompanyName/OU=Organizational Unit Name (eg, section)/CN=Common Name (e.g. server FQDN or YOUR name)/emailAddress=Email Address serial:AF:06:5F:4B:97:ED:81:90 X509v3 Basic Constraints: CA:TRUE X509v3 Key Usage: Certificate Sign, CRL Sign
I built a new client.csr without any trace of X509v3 extensions, but i always get the same error message.
Any help is well appreciated. Thanks