The SBC provides an option to provision a new parameter Rsyslog Profile
. This profile uses local and remote certificates imported to the SBC and generates the three certificate files required for the rsyslog.conf
file to support communication for Rsyslog.
To create a new RsyslogTls Profile
, assign the local and remote Certificates to the profile and generate the three Certificate files required for Rsyslog:
set profiles security RsyslogProfile <profile_name> clientCertName localCert serverCaCertName remoteCert
set profiles security RsyslogTlsProfile rlog Possible completions: clientCertName - The name of client Certificate referred by this Rsyslog-TLS profile. serverCaCertName - The name of server CA Certificate referred by this Rsyslog-TLS profile
To view the RsyslogTlsProfile, execute the command:
show profiles security RsyslogTlsProfile RsyslogTlsProfile rSyslogprofile { clientCertName localCert; serverCaCertName remoteCACert; } [ok]
The show command displays a new Rsyslog profile, along with local and remote certificates assigned to the Rsyslog profile.
show system security pki certificate localCert { state enabled; fileName localCert.pem; type local-internal; } certificate remoteCACert { state enabled; fileName rootCA.der; type remote; } certificate defaultSBCCert { state enabled; fileName sonuscert.p12; passPhrase $7$DibBrv9m1udynmteAN7fg48KXCD0O8/v; type local; } certificate defaultDtlsSBCCert { state enabled; fileName defaultDtlsCert.p12; passPhrase $7$dbJlv+/Ds4mYQqJvIiOv/gl5ZdVCSOfV; type local; } [ok]