Syslog logging driver + TLS + encrypted private key


I am trying to use a Docker logging driver to send logs via TLS to a fluentd container. My first try was with the Fluentd logging driver (Docker Documentation), until I found no option to use TLS. Then I switched to the Syslog logging driver (Docker Documentation):

      build: ./client
      container_name: some-client
      hostname: some-client
      volumes:
        - ./client/td-agent-bit.conf:/etc/td-agent-bit/td-agent-bit.conf:ro
      networks:
        - graylog
      restart: unless-stopped
      depends_on:
        - fluentd
      logging:
        driver: syslog
        options:
          syslog-address: tcp+tls://some-fluentd:514
          syslog-facility: daemon
          syslog-tls-ca-cert: /etc/certs/graylog/certs/ca.crt.pem
          syslog-tls-cert: /etc/certs/graylog/certs/client.crt.pem
          syslog-tls-key: /etc/certs/graylog/private/client.key.pem
          syslog-tls-skip-verify: "false"
          tag: "docker.{{.Name}}"
          syslog-format: rfc5424micro

But got the following error when using docker compose up:

Attaching to some-client, some-fluentd
Error response from daemon: failed to initialize logging driver: Could not load X509 key pair: private key is encrypted, but could not decrypt it: x509: decryption password incorrect

The issue is that I am using an encrypted private key. I found no driver option for setting the corresponding passphrase. Am I missing something?

Best regards,


I’m running Docker on WSL2, Windows 10.

Here’s the output of docker info:

 Context:    default
 Debug Mode: false
  app: Docker App (Docker Inc., v0.9.1-beta3)
  compose: Docker Compose (Docker Inc., v2.2.3)
WARNING: Plugin "/usr/local/lib/docker/cli-plugins/docker-buildx" is not valid: failed to fetch metadata: fork/exec /usr/local/lib/docker/cli-plugins/docker-buildx: no such file or directory
WARNING: Plugin "/usr/local/lib/docker/cli-plugins/docker-scan" is not valid: failed to fetch metadata: fork/exec /usr/local/lib/docker/cli-plugins/docker-scan: no such file or directory

 Containers: 5
  Running: 2
  Paused: 0
  Stopped: 3
 Images: 13
 Server Version: 20.10.9
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: e25210fe30a0a703442421b0f60afac609f950a3
 runc version: v1.0.1-0-g4144b63
 init version: de40ad0
 Security Options:
   Profile: default
 Kernel Version:
 Operating System: Ubuntu 20.04.4 LTS
 OSType: linux
 Architecture: x86_64
 CPUs: 4
 Total Memory: 6.14GiB
 Name: LP-0102
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Experimental: false
 Insecure Registries:
 Live Restore Enabled: false

WARNING: No blkio throttle.read_bps_device support
WARNING: No blkio throttle.write_bps_device support
WARNING: No blkio throttle.read_iops_device support
WARNING: No blkio throttle.write_iops_device support
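
Added example, not part of the original post and not Docker's own code: a small Go check that reports whether the PEM file given as `syslog-tls-key` is passphrase-protected, so the condition behind the "private key is encrypted" error can be spotted before `docker compose up`. The function name `keyState` and the sample constants are hypothetical, and the sample PEM blocks are constructed placeholders with dummy bodies, not real keys.

```go
package main

import (
	"encoding/pem"
	"fmt"
	"os"
	"strings"
)

// Constructed placeholder PEM blocks (dummy bodies, not real keys).
const (
	samplePlain  = "-----BEGIN PRIVATE KEY-----\nAAAA\n-----END PRIVATE KEY-----\n"
	samplePKCS8  = "-----BEGIN ENCRYPTED PRIVATE KEY-----\nAAAA\n-----END ENCRYPTED PRIVATE KEY-----\n"
	sampleLegacy = "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n" +
		"DEK-Info: AES-256-CBC,00112233445566778899AABBCCDDEEFF\n\nAAAA\n-----END RSA PRIVATE KEY-----\n"
)

// keyState classifies the first private-key block found in PEM data.
// Non-key blocks (for example a certificate in the same file) are skipped.
func keyState(pemData []byte) string {
	for {
		var block *pem.Block
		block, pemData = pem.Decode(pemData)
		if block == nil {
			return "no private key found"
		}
		switch {
		case block.Type == "ENCRYPTED PRIVATE KEY":
			// PKCS#8 container: encryption is signalled by the block type.
			return "encrypted (PKCS#8)"
		case strings.HasSuffix(block.Type, "PRIVATE KEY"):
			// Legacy PEM encryption is signalled by the DEK-Info header.
			if _, ok := block.Headers["DEK-Info"]; ok {
				return "encrypted (legacy PEM)"
			}
			return "unencrypted"
		}
	}
}

func main() {
	if len(os.Args) > 1 { // path to check, e.g. the syslog-tls-key file
		data, err := os.ReadFile(os.Args[1])
		if err != nil {
			fmt.Fprintln(os.Stderr, err)
			os.Exit(1)
		}
		fmt.Println(os.Args[1]+":", keyState(data))
		return
	}
	for _, s := range []string{samplePlain, samplePKCS8, sampleLegacy} {
		fmt.Println(keyState([]byte(s)))
	}
}
```

Run it with the key path as the only argument; without arguments it classifies the three constructed samples.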