[Bro] X509 verify example
Reinhard Gentz
rgentz at asu.edu
Thu Jun 21 10:15:35 PDT 2018
Hi I am trying to verify a X509 certificate captured with bro, but I am
having trouble using the verify function.
What i have is the event
event x509_certificate(f: fa_file, cert_ref: opaque, cert: X509::Certificate)
how do I feed this information in this function to verify it?
function x509_verify(certs: x509_opaque_vector, root_certs:
table_string_of_string, verify_time: time &default=network_time()):
X509::Result
https://www.bro.org/sphinx-git/scripts/base/bif/plugins/Bro_X509.functions.bif.bro.html#id-x509_verify
Question 1: How do i convert cert_ref: opaque to certs: x509_opaque_vector?
Question 2: root_certs: table_string_of string: How can I input my own CA
root certificate here? In which folder does it go and how do I make bro
aware of it?
Thank you
Reinhard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20180621/8e0043dc/attachment.html
More information about the Bro
mailing list