tls.tlsCfgCmd

Passes additional OpenSSL configuration commands to fine-tune DTLS handling. .. summary-end

This parameter applies to imdtls: Input Module for DTLS Protocol over UDP.

Name:

tls.tlsCfgCmd

Scope:

input

Type:

string

Default:

none

Required?:

no

Introduced:

v8.2402.0

Description

Used to pass additional OpenSSL configuration commands. This can be used to fine-tune the OpenSSL settings by passing configuration commands to the OpenSSL library. OpenSSL version 1.0.2 or higher is required for this feature. A list of possible commands and their valid values can be found in the documentation.

The setting can be single or multiline, each configuration command is separated by linefeed (\n). Command and value are separated by equal sign (=).

Examples

This will allow all protocols except for SSLv2 and SSLv3:

tls.tlsCfgCmd="Protocol=ALL,-SSLv2,-SSLv3"

This will allow all protocols except for SSLv2, SSLv3 and TLSv1 and will also set the minimum protocol to TLSv1.2:

tls.tlsCfgCmd="Protocol=ALL,-SSLv2,-SSLv3,-TLSv1\nMinProtocol=TLSv1.2"

Input usage

module(load="imdtls")
input(type="imdtls" tls.tlsCfgCmd="Protocol=ALL,-SSLv2,-SSLv3")

See also

See also imdtls: Input Module for DTLS Protocol over UDP.

---

Support: rsyslog Assistant | GitHub Discussions | GitHub Issues: rsyslog source project

Contributing: Source & docs: rsyslog source project

© 2008–2025 Rainer Gerhards and others. Licensed under the Apache License 2.0.