diff options
author | Rainer Gerhards <rgerhards@adiscon.com> | 2008-06-06 15:43:14 +0200 |
---|---|---|
committer | Rainer Gerhards <rgerhards@adiscon.com> | 2008-06-06 15:43:14 +0200 |
commit | 6343cf730acbb454765d0593d68032aebcb3d15c (patch) | |
tree | 9841f59b258b3fe5436e29bd850ba6bfdafafc1b /doc/rsyslog_tls.html | |
parent | 43c2f2b1ad5c3e4264f719dcff61893c38bc06f3 (diff) | |
download | rsyslog-6343cf730acbb454765d0593d68032aebcb3d15c.tar.gz rsyslog-6343cf730acbb454765d0593d68032aebcb3d15c.tar.xz rsyslog-6343cf730acbb454765d0593d68032aebcb3d15c.zip |
added doc on suggested TLS deployment
(rough picture, actual configuration sample still missing).
Diffstat (limited to 'doc/rsyslog_tls.html')
-rw-r--r-- | doc/rsyslog_tls.html | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/doc/rsyslog_tls.html b/doc/rsyslog_tls.html index 2d5fd8e9..8cac558d 100644 --- a/doc/rsyslog_tls.html +++ b/doc/rsyslog_tls.html @@ -19,6 +19,10 @@ note that TLS is the more secure successor of SSL. While people often talk about "SSL encryption" they actually mean "TLS encryption". So don't look any further if you look for how to SSL-encrypt syslog. You have found the right spot.</p> +<p>This is a quick guide. There is a more elaborate guide currently +under construction which provides a much more secure environment. It +is highly recommended to +<a href="rsyslog_secure_tls.html">at least have a look at it</a>. <h2>Background</h2> <p><b>Traditional syslog is a clear-text protocol. That means anyone with a sniffer can have a peek at your data.</b> In @@ -174,8 +178,7 @@ itself can (and must) be distributed. To generate it, do the following:</p> <pre>certtool --generate-privkey --outfile ca-key.pem</pre> <br> This takes a short while. Be sure to do some work on your workstation, -it waits for radom input. Switching between windows is sufficient -;) +it waits for radom input. Switching between windows is sufficient ;) </li> <li>now create the (self-signed) CA certificate itself:<br> <pre>certtool --generate-self-signed --load-privkey ca-key.pem --outfile ca.pem</pre> @@ -279,4 +282,4 @@ document under the terms of the GNU Free Documentation License, Version with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license can be viewed at <a href="http://www.gnu.org/copyleft/fdl.html">http://www.gnu.org/copyleft/fdl.html</a>.</p> -</body></html>
\ No newline at end of file +</body></html> |