On Wed, Nov 16, 2011 at 12:28 PM, Mathew Binkley <
Hi! I've been testing the 2.0 beta (kudos, btw).
My alarm files is
getting tons of SSL::Invalid_Server_Cert from our own local certs,
doegrid certs, cern.ch, fnal.gov
, presumably because the root CA cert
for those is not included with either Bro or the OS.
I see share/bro/base/protocols/ssl/mozilla-ca-list has a bundle of root
CA certs. Is there a way to add our own to that or to a separate file?
How is that file generated? Thanks.
redef the list to append your local entries.