On Wed, Nov 16, 2011 at 12:28 PM, Mathew Binkley <mathew.binkley@vanderbilt.edu> wrote:
Hi!  I've been testing the 2.0 beta (kudos, btw).  My alarm files is
getting tons of SSL::Invalid_Server_Cert from our own local certs,
doegrid certs, cern.ch, fnal.gov, presumably because the root CA cert
for those is not included with either Bro or the OS.

I see share/bro/base/protocols/ssl/mozilla-ca-list has a bundle of root
CA certs.   Is there a way to add our own to that or to a separate file?
 How is that file generated?   Thanks.



share/bro/site/local.bro

redef the list to append your local entries.

 Sridhar