[stunnel-users] Certificates

David van Zijl davidvz at gmail.com
Fri Sep 16 02:25:08 CEST 2011


On Fri, Sep 16, 2011 at 2:09 AM, Cary Corse <cary.corse at zestia.com> wrote:
> I'm trying to use stunnel to connect to a secure server for syslogging.  I have a certificate from the central logging server.  How do I load this into stunnel so that I can connect?

Hi Cary

Assuming the server is already set up, the client config is as follows:
1. Set client = yes inside your stunnel conf
2. Add a section that listens on localhost on some random port e.g.
2514, then uses the cert you were given to connect to the remote
server
3. Make sure your local syslog.conf logs to localhost on that port you chose.

Something like this in the stunnel conf:
<snip>
; Use it for client mode
client = yes
; Service-level configuration
[syslog]
accept  = 127.0.0.1:2514
connect = <remote server>:<remote port>
cert = /path/to/cert
; key = /path/to/key (if cert and key in separate files)

Then your syslog.conf will contain something similar to this:
*.=info;*.=notice;*.=warning;\
    auth,authpriv.none;\
    cron,daemon.none;\
    mail,news.none      @127.0.0.1:2514

There's quite a good article on the subject here:
http://freshmeat.net/articles/ssl-encrypting-syslog-with-stunnel
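
Added example, not part of the original post: the same kind of client section, extended so that stunnel also authenticates the log server. Without a verify level, stunnel encrypts the connection but does not check the certificate the server presents. The host name, port and file paths below are placeholders, not values from the thread.

```ini
; Added example: client-mode service with server certificate verification.
; Host name, port and file paths are placeholders (assumptions).
client = yes

[syslog]
; Local plaintext endpoint; bound to loopback so only this host can use it.
; accept is a TCP listener, so the local syslog daemon has to forward over
; TCP (in rsyslog that is the @@ prefix; a single @ sends UDP).
accept  = 127.0.0.1:2514
; Remote TLS endpoint of the central log server (placeholder)
connect = logs.example.com:6514
; CA certificate(s) used to validate the certificate the server presents
CAfile  = /etc/stunnel/logserver-ca.pem
; 2 = require a peer certificate and verify its chain against CAfile
verify  = 2
; Client certificate and key, needed only if the server asks for
; client authentication
; cert = /etc/stunnel/client-cert.pem
; key  = /etc/stunnel/client-key.pem
```

With verify = 2 the connection is refused when the server's certificate does not chain to CAfile, and stunnel's log shows the verification failure.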


