> But perhaps /etc/ipa/ca.crt needs to be added to > /etc/apparmor.d/abstractions/ssl_certs which is in the > apparmor package.
@jjohansen, @georgiag, what do you think about the above suggestion? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/2072702 Title: AppArmor profile prevents use of TLS keys and certificates Status in rsyslog package in Ubuntu: New Bug description: I'm trying to use the following configuration: # certificate files $DefaultNetstreamDriverCAFile /etc/ipa/ca.crt $DefaultNetstreamDriverCertFile /etc/ssl/certs/FQDN.crt $DefaultNetstreamDriverKeyFile /etc/ssl/private/FQDN.key But AppArmor prevents the loading of /etc/ipa/ca.crt and the key file. I think rsyslog-gnutls should allow reading the key file. But perhaps /etc/ipa/ca.crt needs to be added to /etc/apparmor.d/abstractions/ssl_certs which is in the apparmor package. Version 8.2312.0-3ubuntu9 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/2072702/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
