Configure TLS Strong Encryption
You can configure TLS strong encryption for Log Correlation Engine-client communications to meet the security needs of your organization. Log Correlation Engine uses TLS 1.2 to encrypt Log Correlation Engine-client communications.
To configure TLS strong encryption for Log Correlation Engine communications:
-
Log in to Log Correlation Engine via the command line interface (CLI).
-
In the CLI in Log Correlation Engine, run the following command to specify the cipher you want to use for TLS encryption:
source /opt/lce/tools/exigent-sessions.bashrc
undoc-config --set lced cryptSyslog_ciphersuiteSelector <cipher you want to use for TLS encryption>
For example:
source /opt/lce/tools/exigent-sessions.bashrc
undoc-config --set lced cryptSyslog_ciphersuiteSelector ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-GCM-SHA384
-
Run the following command to restart all Log Correlation Engine daemons:
restart-all bar-pg
All Log Correlation Engine daemons restart.