Feature Request: TLS configuration about logback-gelf HOT 6 OPEN

It's worth noting that, without the ability to specify a trusted CA, all TLS connections effectively have trustAllCertificates set to true. The GELF protocol has nothing akin to verifying that the requested hostname matches the certificate subject like in HTTPS, so any certificate issued by a trusted root will be accepted.

from logback-gelf.

Thanks for bringing this up!

I doubt that configuring a trusted CA increases the security much as the domain name of the certificate (CN) is still not checked as defined in RFC 2818. An attacker with a certificate signed by the same CA (which is rather easy to obtain in larger enterprises) could still perform a MITM-attack. Maybe this domain name check should be added to the implementation as the logic is based on SSL/TLS and not HTTPS (in contrast to the specification and standard implementation in Java). LDAPS is using a similar implementation (RFC 4513) for example. But the Graylog guys should at least document something about that to not have completely different client implementations. Maybe RFC 7525 could be the basis for that.

As a first step, I've implemented a server certificate whitelist in the branch feature/explicit-certificate-trust.

Let me know what you think.

from logback-gelf.

Added certificate hostname verification (based on RFC 6125) per 2960bc4

from logback-gelf.

Hello. I am the person who put in #79 and am wondering about the MutualTLS. Has that also been added to the explicit-certificate-trust branch?

from logback-gelf.

@tparkercbn Not yet. As there was no feedback on the branch yet. It currently only contains server certificate whitelisting. I'm willing to invest more time on this if someone provides feedback.

from logback-gelf.

Hi @osiegmar. What would you like to have feedback on? We certainly can deploy and test in our environment if you are able to update the code to do mutual TLS.

Tom

from logback-gelf.