We have configured a Syslog-ng relay server to which accepts client logs. Client and the relay server communicates and forward the logs using TLS. We are noticing the below error in our client.
I followed Configuring syslog-ng PE clients to setup TLS communication.
Dec 13 05:29:13 syslog-ng[10769]: Syslog connection established; fd='16', server='AF_INET(1**.1**.1.105:6514)', local='AF_INET(0.0.0.0:0)'
Dec 13 05:29:13 syslog-ng[10769]: Error setting up TLS session context; tls_error='PEM routines:PEM_read_bio:no start line'
What is the problem and how do I fix it?
The client's certificate in the PEM file should be preceded by a line that looks like this:
-----BEGIN CERTIFICATE-----
The 'no start line' error message you're seeing is what you get if that line is absent from the file.
Check that the client PEM file contains that line. (It's just a text file, you can look at it with any editor.) If it doesn't contain that line then either the file got damaged when you copied it to the client, or perhaps the original file is incorrect.
If you generated the PEM file on a Unix or Linux machine and then copied it to a Windows machine, it's possible that you'll need to change the line endings in the file from just LF to CR LF in order for it to be read correctly.