search

AlanBarber / NLog.Targets.Splunk

A NLog target for Splunk Http Event Collector (HEC) Sender
Apache License 2.0
9 stars 24 forks source link

SplunkHttpEventCollector is not able to use SSL cert , error in azure app service #58

Open gorarohit opened 2 years ago

gorarohit commented 2 years ago

I have Azure App Service hosting Asp Net Core API ( . Net Core 3.1 ).

my Splunk target 

<target name="Splunk"
                xsi:type="SplunkHttpEventCollector"
                serverUrl="https://<splunkserver>:8088/services/collector/event"
                token="token"
                source="${logger}"
                sourceType="_json"
                index="index"
                retriesOnError="3"
                batchSizeBytes="0"
                batchSizeCount="0"          
                maxConnectionsPerServer="10"
                ignoreSslErrors="false">
            <layout xsi:type="JsonLayout">
                <attribute name="date" layout="${date:format=MM-dd-yyyy hh\:mm\:ss.fff tt}" />
                <attribute name="host" layout="${hostname}" />
                <attribute name="logger" layout="${logger}" />
                <attribute name="message" layout="${message} ${exception}" />
            </layout>           
</target>

Error 

SplunkHttpEventCollector(Name=Splunk_wrapped): Failed to send LogEvents Exception: Splunk.Logging.HttpEventCollectorException: Failed to send request: InternalServerError
 ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
 ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

I have uploaded valid SSL certificate in azure app service store and verified cert is available using code.

Note: I don't want to ignore ssl errors using ignoreSslErrors = true I also verified ssl cert validation using curl.

AlanBarber commented 2 years ago

Is this a valid purchased SSL cert or a self signed?

That error message is usually an indicator of self-signed certs, which is exactly what the ignoreSslErrors option is for.

gorarohit commented 2 years ago

This is a purchased valid CA cert and we verified this using CURL. This is a Entripsie level signed certs.

gorarohit commented 2 years ago

@AlanBarber any update on this will be helpful

zhosafwan commented 1 year ago

@AlanBarber Any update, I have same error