Option to configure TLS version in rsyslog

rsyslog

Is it possible to configure the minimum TLS version supported by rsyslog?

For eg., we would like an option to choose one of the following

TLS 1.0 ( this should allow TLS connection over version 1.0, 1.1,1.2 and future version) TLS 1.1 ( this should allow TLS connection over version 1.1,1.2 and future version) TLS 1.2 ( this should allow TLS connection over version 1.2 and future version)

I think by default it is supporting TLS1.0 as the minimum TLS version. Would like to know if this is configurable.


As of rsyslog 8.29, yes a gnutls priority string is configurable. An example config loading the module is in the test suite.

No built-in single keyword exists that restrict both the ciphers and the protocol to say TLS 1.2+. You might take a keyword you like and remove the broken things, such as by appending :-VERS-SSL3.0:-VERS-DTLS1.0:-VERS-TLS1.0:-VERS-TLS1.1.

This is just for rsyslog. Repeat for other applications using gnutls.

Related

How can I find multiple values from windows command line output?
Apache mod_rewrite encode query string parameters
postgresql trigger for updating multiple columns
haproxy forcing a redirect to login and redirect back
Cheap/fast deduplication with hardlinks?
HP Smart Array P420i Configuration - LZMA data is corrupt
Running nginx with SSL on AWS
Migrate Exchange 2013 on Windows Server 2012 to Exchange 2019
Integral of squared lower incomplete gamma function
Prove that any group of order 15 is cyclic? [duplicate]
Parallelogram and vectors
Regarding a technicality in Cup products