TLS version supported by log4j2 Syslog Appender - log4j2

I have a Syslog Appender which communicates to server on tcp with below configuration. Configured an rsyslog server which is successfully receiving the messages from client. I'm new to this log4j2 and please excuse me if I missed something obvious.
<Syslog name="Connector" format="RFC5424" host="10.10.10.10" port="5822" protocol="TCP" appName="Connector" includeMDC="true" mdcId="mdc" enterpriseNumber="18060" newLine="true" immediateFlush="true" messageId="Audit" id="App" facility="local0">
<SSL>
<TrustStore location="truststore.p12" password="pJAY3nVuG?"/>
</SSL>
</Syslog>
I'm unable to find from documentation etc. on supported TLS versions for this. What's the minimum version it supports and if there is a way we can configure it to use only TLS 1.2+?

Log4j doesn't support any particular version of TLS. It uses a standard Java SSLSocket. So the version of TLS that is supported is controlled by how you configure the JVM. You need to check the relevant documentation, but the default is TLS 1.2 for Java 8 and 11.

Related

MQTT.fx TSLv1.3 SSLContext not available

Im trying to establisch a mqtt connection to test.mosquitto.org using MQTT.fx.
Im on Windows 10.
Selecting TLSv1.2 as my Protocol works fine.
But using TLSv1.3 the connection fails. "TSLv1.3 SSLContext not available"
Is TLSv1.3 just not jet supported on MQTT.fx?
I could not find anything else regarding that promlem using MQTT.fx.
As of version 1.7.1, MQTT.fx is bundled with JRE 1.8.0_18.
TLSv1.3 is supported from JDK 8u261 (source).
Hence, the used JRE does not support TLSv1.3.
I reported the issue and hope for a quick update.

To connect with AWS IoT broker in iOS

We are developing an application which needs to consume AWS IoT service based on a MQTT protocol deviation. We are currently facing issues to get connected with MQTT broker provided by AWS IoT cloud server.
Following is the environment:
iOS Version: 8.0 / 9.0
Programming language: Swift
Library for MQTT: Moscapsule
Steps followed:
Set initial config clientid, host, port
Set client certificate with private key, providing .pem file path (e.g. cert.pem, privateKey.pem)
Set server certificate which is root certificate .pem file path (e.g. rootCA.pem)
Set tls opts with tsl_insecure: false, cert_reqs: SSL_VERIFY_PEER, tls version: tlsv1.2, ciphers: nil
Problems faced:
When trying to connect to server/broker gives error “unable to create TLS_Context”.
With setting tls cert_reqs: SSL_VERIFY_NONE, gives connection status success with subcribe and publish sucess, but doesn’t reflect on server or broker.
Any help in this context is highly appreciable.
The AWS SDK for iOS already supports connecting to AWS IoT over MQTT. You can see an example Swift program which transfers data to and from AWS IoT over MQTT using certificate-based authentication here. If you'd like to use a different MQTT client and just need to know how to set it up, you might start with the AWS SDK for iOS, and then have a look at the code involved in setting up the TLS connection.
Thanks for using AWS IoT.

Enabling websockets support in packaged mosquitto 1.4.7

How is websocket support enabled in mosquitto 1.4.7 when it's installed via a package manager (apt-get install mosquitto)? I see there is support for it, but I cannot determine how to enable it (and set the port) in configuration. There is an article that seems to indicate it can be enabled when built from source (https://goochgooch.wordpress.com/2014/08/01/building-mosquitto-1-4/).
Is building from source the only option to enable websocket support?
Assuming support is compiled into the build you have then adding the following to the mosquitto.conf should work
listener 9001
protocol websockets
This will start a websocket listener on port 9001
If the build you have doesn't have websocket support then the following error will be printed to the console:
Error: Websockets support not available.

DataSnap standalone HTTPS server (EXE) - OpenSSL support for TLS v1.2

I have a standalone (EXE) DataSnap server written in Delphi XE6 which I've secured with an SSL certificate using the OpenSSL DLLs. When I test the connection to the server I can see that it supports TLS v1.0. I now need to ensure the server can support TLS v1.2 (e.g. to support connections from iOS9 apps). However I can't see how to enable this. I've made the Windows registry changes to the (Windows 2008R2) server to enable TLS v1.2 but I guess this only affects IIS apps.
Can anybody show me how to enable TLS v1.2 within the Windows OpenSSL DLLs? I'm using version 1.0.2d of the DLLs. Or is there something within the DataSnap server component properties that needs to be changed?

Spring-Amqp-NET libraries for RabbitMQ - SSL support

We want to use spring-amqp-net in our applications to listen for messages in RabbitMQ.
https://github.com/spring-projects/spring-net-amqp
We couldn't figure out any configuration parameter for SSL connection neither in the source code nor in the documentation.
Does anybody now if spring-amqp-net supports SSL connection to RabbitMQ?
If yes, how can we configure the SSL connection in our .net application's Application.xml file?
Thank you.
I am not familiar with .NET, or that project (I am the lead for the Java Spring AMQP project).
With the Java Spring AMQP library, SSL is configured by appropriately configuring the underlying RabbitConnectionFactory and then that instance is injected into the Spring CachingConnectionFacrtory.
Looking at the code, it appears a similar mechanism is available in the .NET library...
public CachingConnectionFactory(ConnectionFactory rabbitConnectionFactory)
: base(rabbitConnectionFactory) { }
whereby you can configure the underlying ConnectionFactory with SSL and provide it to the CachingConnectionFactory.

Resources