Actions
Bug #710
closedtls - certs directory
Affected Versions:
Effort:
Difficulty:
Label:
Description
If tls is enabled in yaml and if "certs" dir does not exist (is not created by user) -
- tls-log: enabled: yes # Log TLS connections. filename: tls.log # File to store TLS logs. extended: yes # Log extended information like fingerprint certs-log-dir: certs # directory to store the certificates files append: yes
and if tls.store rules are used - in order to store the ssl certs to disk, we have some err messages:
[2338] 12/1/2013 -- 16:48:58 - (log-tlslog.c:256) <Warning> (LogTlsLogPem) -- [ERRCODE: SC_ERR_FOPEN(44)] - Can't create PEM file: /var/data/regit/log/suricata//certs/1358002127.666785-100.pem [2338] 12/1/2013 -- 16:49:10 - (log-tlslog.c:256) <Warning> (LogTlsLogPem) -- [ERRCODE: SC_ERR_FOPEN(44)] - Can't create PEM file: /var/data/regit/log/suricata//certs/1358002139.588952-101.pem
in suricata.log - that periodically get written to the suricata.log that eventually grow to a bug number.
however there is no ERR at start up time -
it will be beneficial if when
- tls-log: enabled: yes
that directory to be checked if existing and be created otherwise (or an ERR logged at startup).
If the directory is manually created before starting suricata - there is no problem of course.
Actions