Because of my lack of encryption knowledge, I search and found these instructions that I followed in order to create an SSL connection between an nxlog client (Windows server 2008 R2) and a graylog server.
So I transfered the
"nxlog-ca.crt" to the client and indicated to the graylog server "nxlog-ca.key" as the TLS private key file and "nxlog-ca.crt" as the TLS cert file.
Here is the nxlog.conf :
define ROOT C:\Program Files (x86)\nxlog
define CERTDIR %ROOT%\cert
<Select Path="Application">*[System[(Level=1 or Level=2 or Level=3)]]</Select>\
<Select Path="Security">*[System[(Level=1 or Level=2 or Level=3)]]</Select>\
<Select Path="System">*[System[(Level=1 or Level=2 or Level=3)]]</Select>\
<Select Path="HardwareEvents">*[System[(Level=1 or Level=2 or Level=3)]]</Select>\
Path in => sslout
But when I launch "nxlog.exe -f" here is the error :
2015-08-04 12:23:05 INFO nxlog-ce-2.9.1347 started
2015-08-04 12:23:05 INFO connecting to host_ip_address:12201
2015-08-04 12:23:05 INFO successfully connect to host_ip_address:12201
2015-08-04 12:23:05 INFO remote socket was closed during SSL handshake
2015-08-04 12:23:05 INFO reconnecting in 1 seconds
And That's it. What am I missing ?
I read in the documentation that all the files about the certificates are in "pem" format but when I create it from certtool I have "crt" and "key" format files.