[Zeek] Certificate questions
jayf at wheeling-nisshin.com
jayf at wheeling-nisshin.com
Fri Nov 15 12:29:02 PST 2019
Greetings Zeek community,
I'm very new to Zeek, but really like what I'm see so far. I need some
help or perhaps a bit of education though. I have it setup in a Security
Onion VM.
I see a lot of messages about SSL including "unable to get local issuer
certificate", which I understand COULD be self-signed certs.
I also see many, many SSL::Invalid_Server_Cert notices in Kibana. Many
others say "SSL certificate validation failed with (self signed certificate
in certificate chain).
These would all be of interest, however they ALL point back to very
legitimate sources like Apple and Microsoft. I find it hard to believe
that these major companies have problems with that many certificates and
servers. Could this really be the case???
I could find very little information on Google regarding this. One article
said something about Zeek not being able to match them up with root cert
servers or something like that.
Is it possible that Zeek is missing something like a list of root CAs or
something? Is this just garbage caused by something else. This will leave
me scratching my head until I come back on Monday. I appreciate the help.
Jay Fluharty
Network Analyst
NS Wheeling-Nisshin Inc.
PO Box 635
Follansbee, WV 26037
jayf at wheeling-nisshin.com
1-304-527-4819
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20191115/d3b33976/attachment.html
More information about the Zeek
mailing list