server
/http_server
plugin helper, also support the <transport>
section to specify how to handle the connections.transport
section must be under <match>
, <source>
, and <filter>
sections. It specifies the transport protocol, version, and certificates.protocol
[enum: tcp
/udp
/tls
]tcp
version
: [enum: TLS1_1
/TLS1_2
/TLS1_3
]TLSv1_2
min_version
: [enum: TLS1_1
/TLS1_2
/TLS1_3
]nil
max_version
: [enum: TLS1_1
/TLS1_2
/TLS1_3
]nil
ciphers
[string]"ALL:!aNULL:!eNULL:!SSLv2"
insecure
[bool]false
(uses secure connection with tls
)min_version
/max_version
instead of version
. To support the old style, fluentd accepts TLS1_1
and TLSv1_1
values.TLS1_3
is available when your system supports TLS 1.3.<transport tls>
:ca_path
: [string]nil
cert_path
: [string]nil
private_key_path
: [string]nil
private_key_passphrase
: [string]nil
client_cert_auth
: [bool]false
true
, Fluentd will check all the incoming HTTPS requests for acert_verifier
: [string]nil
<transport tls>
:ca_cert_path
: [string]nil
ca_private_key_path
: [string]nil
ca_private_key_passphrase
: [string]nil
<transport tls>
:generate_private_key_length
: [integer]generate_cert_country
: [string]generate_cert_state
: [string]generate_cert_locality
: [string]generate_cert_common_name
: [string]nil
generate_cert_expiration
: [integer]<transport tls>
:generate_cert_digest
: [enum: sha1
/sha256
/sha384
/sha512
]sha256