Project

General

Profile

Actions

Feature #5516

closed

tls: client cert detection

Added by Victor Julien over 2 years ago. Updated about 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

Update various cert detection keywords to support client certs.


Related issues 1 (0 open1 closed)

Related to Suricata - Feature #1096: tls: client certificate handlingClosedVictor JulienActions
Actions #1

Updated by Victor Julien about 2 years ago

  • Target version changed from TBD to 7.0.0-rc1
Actions #2

Updated by Victor Julien about 2 years ago

  • Priority changed from Normal to High
Actions #3

Updated by Victor Julien about 2 years ago

  • Status changed from New to Assigned
  • Assignee changed from OISF Dev to Jeff Lucovsky
Actions #4

Updated by Jeff Lucovsky about 2 years ago

These already check the client cert (depending on direction)
- tls.subject
- tls.issuerdn
- tls.fingerprint
- tls_cert_notbefore
- tls_cert_notafter
- tls_cert_expired
- tls_cert_valid

These do not check the client cert and require update:
- tls.cert_fingerprint
- tls.cert_issuer
- tls.certs
- tls.cert_serial
- tls.cert_subject

Not sure about
- tls.store

Actions #5

Updated by Victor Julien about 2 years ago

  • Parent task deleted (#1096)
Actions #6

Updated by Victor Julien about 2 years ago

  • Related to Feature #1096: tls: client certificate handling added
Actions #7

Updated by Jeff Lucovsky about 2 years ago

  • Status changed from Assigned to In Review
Actions #9

Updated by Victor Julien about 2 years ago

  • Status changed from In Review to Closed
  • Priority changed from High to Normal
Actions

Also available in: Atom PDF