14 Mar
2012
14 Mar
'12
8:12 a.m.
Quick question. I am getting a timeout when trying to print the
variable containing the root_certs. I am just wondering if this is due
to having too many trusted certs loaded or if this is just a
limitation of the broctl print function. My primary concern is whether
bro was actually able to load all the root_certs on startup. I have
over 500 certs redef'd in site/mytrustedcerts.bro. Is this too many
for bro to handle?
broctl print SSL::root_certs
manager <error: time-out>
proxy-1 <error: time-out>
worker-1 <error: time-out>
worker-2 <error: time-out>
worker-3 <error: time-out>
worker-4 <error: time-out>
worker-5 <error: time-out>
worker-6 <error: time-out>
worker-7 <error: time-out>
worker-8 <error: time-out>
Thanks!
-will
On Wed, Feb 8, 2012 at 1:57 PM, Seth Hall <seth(a)icir.org> wrote:
On Feb 8, 2012, at 12:54 PM, Stephane Chazelas wrote:
In case it may be of some help to anyone, here is
a script to
convert a PEM CA cert bundle such as
/etc/ssl/certs/ca-certificates.crt as found on debian based
system to bro's format:
Cool, thanks. We have a script in bro-aux that generates the CA list Bro script directly
from the Mozilla repository too. If you have a copy of our source tree, the script is
here:
aux/bro-aux/devel-tools/gen-mozilla-ca-list.rb
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro-ids.org/
_______________________________________________
Bro mailing list
bro(a)bro-ids.org
http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro