This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
the_rock
MVP Diamond
MVP Diamond
‎2025-10-06 08:14 AM

There you go, my friend...greetings for Japan : - )

Andy

************************************

 

The System TLS Configuration setting you're referring to—found under System Management > System Logging—likely relates to how Transport Layer Security (TLS) is used to secure system log transmissions, especially when logs are sent to remote servers (e.g., syslog over TLS). While the exact behavior can vary depending on the platform (e.g., Windows Server, Cisco NX-OS, Juniper OS), here's a general overview of what can be configured under such a setting:

🔐 What System TLS Configuration Typically Does

  1. Enable Secure Log Transmission:

    • TLS encrypts log messages sent from the system to a remote syslog server, ensuring confidentiality and integrity.

  2. Configure Authentication Modes:

    • Server Authentication: The client verifies the identity of the server.
    • Mutual Authentication: Both client and server verify each other using certificates.

  3. Certificate Management:

    • You can specify which X.509 certificates are used for authentication.
    • Configure trusted Certificate Authorities (CAs).
    • Set up certificate mapping (e.g., one-to-one or many-to-one user mappings).

  4. TLS Protocol and Cipher Suite Settings:

    • Define which versions of TLS are allowed (e.g., TLS 1.2, TLS 1.3).
    • Control cipher suite order and availability for secure communication.

  5. Session Caching and Timeout Settings:

    • Configure how long TLS sessions are cached to improve performance.
    • Adjust cache size and timeout intervals.

  6. OCSP Stapling and Trusted Issuer Lists:

    • Enable or disable OCSP stapling for certificate revocation checks.
    • Decide whether to send a list of trusted certificate authorities to clients.

🧩 Example Use Case

If you're using Windows Server, these settings are managed via the Schannel Security Support Provider (SSP). You can configure them using:

  • Registry keys (e.g., HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL)
  • Group Policy
  • PowerShell

For example, enabling mutual TLS for syslog might involve:

  • Installing certificates on both client and server.
  • Configuring the syslog daemon to use TLS.
  • Setting registry keys or configuration files to enforce TLS-only connections.
Best,
Andy
"Have a great day and if its not, change it"

View solution in original post

(1)
Who rated this post