summaryrefslogtreecommitdiffstats
path: root/doc/rsyslog_tls.html
diff options
context:
space:
mode:
authorRainer Gerhards <rgerhards@adiscon.com>2008-06-06 15:43:14 +0200
committerRainer Gerhards <rgerhards@adiscon.com>2008-06-06 15:43:14 +0200
commit6343cf730acbb454765d0593d68032aebcb3d15c (patch)
tree9841f59b258b3fe5436e29bd850ba6bfdafafc1b /doc/rsyslog_tls.html
parent43c2f2b1ad5c3e4264f719dcff61893c38bc06f3 (diff)
downloadrsyslog-6343cf730acbb454765d0593d68032aebcb3d15c.tar.gz
rsyslog-6343cf730acbb454765d0593d68032aebcb3d15c.tar.xz
rsyslog-6343cf730acbb454765d0593d68032aebcb3d15c.zip
added doc on suggested TLS deployment
(rough picture, actual configuration sample still missing).
Diffstat (limited to 'doc/rsyslog_tls.html')
-rw-r--r--doc/rsyslog_tls.html9
1 files changed, 6 insertions, 3 deletions
diff --git a/doc/rsyslog_tls.html b/doc/rsyslog_tls.html
index 2d5fd8e9..8cac558d 100644
--- a/doc/rsyslog_tls.html
+++ b/doc/rsyslog_tls.html
@@ -19,6 +19,10 @@ note that TLS is the more secure successor of SSL. While people often
talk about "SSL encryption" they actually mean "TLS encryption". So
don't look any further if you look for how to SSL-encrypt syslog. You
have found the right spot.</p>
+<p>This is a quick guide. There is a more elaborate guide currently
+under construction which provides a much more secure environment. It
+is highly recommended to
+<a href="rsyslog_secure_tls.html">at least have a look at it</a>.
<h2>Background</h2>
<p><b>Traditional syslog is a clear-text protocol. That
means anyone with a sniffer can have a peek at your data.</b> In
@@ -174,8 +178,7 @@ itself can (and must) be distributed. To generate it, do the following:</p>
<pre>certtool --generate-privkey --outfile ca-key.pem</pre>
<br>
This takes a short while. Be sure to do some work on your workstation,
-it waits for radom input. Switching between windows is sufficient
-;)&nbsp;
+it waits for radom input. Switching between windows is sufficient ;)
</li>
<li>now create the (self-signed) CA certificate itself:<br>
<pre>certtool --generate-self-signed --load-privkey ca-key.pem --outfile ca.pem</pre>
@@ -279,4 +282,4 @@ document under the terms of the GNU Free Documentation License, Version
with no Invariant Sections, no Front-Cover Texts, and no Back-Cover
Texts. A copy of the license can be viewed at
<a href="http://www.gnu.org/copyleft/fdl.html">http://www.gnu.org/copyleft/fdl.html</a>.</p>
-</body></html> \ No newline at end of file
+</body></html>