Hi there and welcome! I think the self-signed certs get folks tripped up. TLS (and for that matter, PKI) isn’t always the most straightforward thing to understand or manage. I’ve written about using TLS with Syslog in the past, and if you’re using something like Letsencrypt, it’s a fairly straightforward process to use an LE cert with your Syslog input. You might look at the post and see if that gives you any insight.