This message originated from Cribl Community Slack.
Click here to view the original link.
Has anyone successfully configured an Akeyless audit logs TCP listener with TLS? Ours works without TLS, but when we try to enable regular TLS or mTLS, we stop receiving events. We have other log sources successfully using TLS in the same worker group from the same network
Solved
Akeyless Audit Logs TCP Listener Fails To Receive Events With TLS Enabled
Best answer by Jon Rust
Can you use openssl to validate the server side?
Something like
openssl s_client -connect hostname:port
You should get the TLS handshake, including certs returned to you. Make sure the server cert matches
Definitely. Would need more info to troubleshoot
Our fixed certificate is not successfully forwarding events. We have uploaded our cribl certificate to akeyless per the syslog config instructions here: Log Forwarding. The part we are confused on is if this means we need to set up mutual auth in cribl and if so what options to select. Is there any documented examples of this from the cribl side?
No, mTLS is not required there. I'm assuming they want the public cert for the server, but it's hard to tell from their docs
is this a Cribl Cloud install, or a self-managed? Did you upload the private key, the public cert, or the CA cert?
This is self managed, I used our public cert certificate.pem file that we use on our other TLS deployments without issue.
Can you use openssl to validate the server side?
Something like
openssl s_client -connect hostname:port
You should get the TLS handshake, including certs returned to you. Make sure the server cert matchesSign up
Already have an account? Login
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.