I'm trying to test a setup of rsyslog that uses ssl. I'm (perhaps mis)-understanding that if I use starttls for the ssl traffic, I should be able to receive both ssl and plain syslog traffic on the same tcp port as the ssl session is negotiated if, as, and when needed.
However I have a testbed plaintext syslog client and a testbed ssl syslog client but i'm unable to make this occur. I can get traffic from either depending on the setting of $InputTCPServerDriverMode being 0 or 1, but not both at once.
So really i'm asking: Is this even possible ? If so, what's the rsyslog config syntax to achieve it ?
I understood that rsyslog could work with starttls, but now i'm starting to doubt it.
The server config looks a bit like this currently:
$ModLoad imuxsock $ModLoad imklog $ModLoad imtcp.so $DefaultNetstreamDriver gtls $DefaultNetstreamDriverCAFile /root/syslog-ca-cert.crt $DefaultNetstreamDriverCertFile /root/syslog-server-cert.crt $DefaultNetstreamDriverKeyFile /root/syslog-server-key.key $InputTCPServerStreamDriverMode 1 $InputTCPServerStreamDriverAuthMode x509/certvalid $InputTCPServerRun 514
