[Bro] expire-certs.bro can I get the expiry date too?
Seth Hall
seth at corelight.com
Mon Oct 30 07:41:40 PDT 2017
On 29 Oct 2017, at 18:01, Ludwig Goon wrote:
> Is there a way to also print in the notice.log the actual date the
> cert expires?
If you're talking about the notice from the
policy/protocols/ssl/expiring-certs.bro then the date should already be
in there. For the three notices that script defines, you should get
these messages...
- fmt("Certificate %s isn't valid until %T", cert$subject,
cert$not_valid_before)
- fmt("Certificate %s expired at %T", cert$subject,
cert$not_valid_after),
- fmt("Certificate %s is going to expire at %T", cert$subject,
cert$not_valid_after),
.Seth
--
Seth Hall * Corelight, Inc * www.corelight.com
More information about the Bro
mailing list