Enabling a Log Sink using rsyslog over SSL/TLS
search cancel

Enabling a Log Sink using rsyslog over SSL/TLS


Article ID: 42984


Updated On:


STARTER PACK-7 CA Rapid App Security CA API Gateway




The Layer 7 Gateway uses a particular dependency library by default to facilitate transport level security. The rsyslog suite uses a separate dependency library that is not compatible with the library used by the Gateway. The Gateway must be reconfigured to accommodate for this discrepancy as it is more easily modified. The rsyslog suite is only compatible with a specific library (GnuTLS) whereas the Gateway has multiple libraries that can be leveraged.


  1. Log into the Gateway appliance as the?ssgconfig?user.
  2. Select Option #2: Use a privileged shell (root).
  3. Provide the root credentials
  4. Open the system configuration file (/opt/SecureSpan/Gateway/node/default/etc/conf/system.properties) for editing.
  5. Add or modify the following directive:?com.l7tech.security.tlsProvider=SunJSSE
  6. Save the file and exit the editor
  7. Restart the Gateway service (service ssg restart)
  8. Exit the privileged shell of the Gateway.
At that point, log into the Layer 7 Policy Manager and create a new log sink (if that has not been done already) as per the Layer 7 Policy Manager User Manual (section "Creating a Log Sink") for your applicable version of the Layer 7 Gateway.


Component: APIGTW