[Bro] Adding SSL certs to Bro 2.0

sridhar basam sri at basam.org
Wed Nov 16 09:35:37 PST 2011

On Wed, Nov 16, 2011 at 12:28 PM, Mathew Binkley <
mathew.binkley at vanderbilt.edu> wrote:

> Hi!  I've been testing the 2.0 beta (kudos, btw).  My alarm files is
> getting tons of SSL::Invalid_Server_Cert from our own local certs,
> doegrid certs, cern.ch, fnal.gov, presumably because the root CA cert
> for those is not included with either Bro or the OS.
> I see share/bro/base/protocols/ssl/mozilla-ca-list has a bundle of root
> CA certs.   Is there a way to add our own to that or to a separate file?
>  How is that file generated?   Thanks.

redef the list to append your local entries.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20111116/dfb20ec0/attachment.html 

More information about the Bro mailing list