lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-19 19:15:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

System / Settings / Logging - targets: TLS trasnport, fix previous for https://github.com/opnsense/core/issues/4937

Browse Source 
(use generic system ca file)
This commit is contained in:
Ad Schellevis 2021-04-30 18:52:47 +02:00
parent 64c2e02b0b
commit 2b976a491d
2 changed files with 2 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/opnsense/scripts/syslog/generate_certs
View File

@ -45,9 +45,6 @@ foreach ((new OPNsense\Syslog\Syslog())->destinations->destination->iterateItems
if ($cert_refid == (string)$cert->refid) {
file_put_contents("/usr/local/etc/syslog-ng/cert.d/{$dest_key}.key", base64_decode((string)$cert->prv));
file_put_contents("/usr/local/etc/syslog-ng/cert.d/{$dest_key}.crt", base64_decode((string)$cert->crt));
$cert = (array)$cert;
$ca = ca_chain($cert);
file_put_contents("/usr/local/etc/syslog-ng/cert.d/{$dest_key}.ca", (string)$ca);
}
}
}
@ -57,7 +54,7 @@ foreach ((new OPNsense\Syslog\Syslog())->destinations->destination->iterateItems
foreach (glob("/usr/local/etc/syslog-ng/cert.d/*") as $filename) {
$instance = explode(".", basename($filename))[0];
$ext = pathinfo($filename)['extension'];
if (!in_array($instance, $instances) && in_array($ext, ['crt', 'key', 'ca'])) {
if (!in_array($instance, $instances) && in_array($ext, ['crt', 'key'])) {
unlink($filename);
}
}

2
src/opnsense/service/templates/OPNsense/Syslog/syslog-ng-destinations.conf
View File

@ -38,7 +38,7 @@ destination d_{{dest_key}} {
ip-protocol({{destination.transport[3]}})
persist-name("{{dest_key}}")
tls(
ca-file("/usr/local/etc/syslog-ng/cert.d/{{dest_key}}.ca")
ca-file("/etc/ssl/cert.pem")
key-file("/usr/local/etc/syslog-ng/cert.d/{{dest_key}}.key")
cert-file("/usr/local/etc/syslog-ng/cert.d/{{dest_key}}.crt")
)