Project

General

Profile

Actions

Bug #710

closed

tls - certs directory

Added by Peter Manev almost 12 years ago. Updated over 11 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

If tls is enabled in yaml and if "certs" dir does not exist (is not created by user) -

  - tls-log:
      enabled: yes  # Log TLS connections.
      filename: tls.log # File to store TLS logs.
      extended: yes # Log extended information like fingerprint
      certs-log-dir: certs # directory to store the certificates files
      append: yes

and if tls.store rules are used - in order to store the ssl certs to disk, we have some err messages:

[2338] 12/1/2013 -- 16:48:58 - (log-tlslog.c:256) <Warning> (LogTlsLogPem) -- [ERRCODE: SC_ERR_FOPEN(44)] - Can't create PEM file: /var/data/regit/log/suricata//certs/1358002127.666785-100.pem
[2338] 12/1/2013 -- 16:49:10 - (log-tlslog.c:256) <Warning> (LogTlsLogPem) -- [ERRCODE: SC_ERR_FOPEN(44)] - Can't create PEM file: /var/data/regit/log/suricata//certs/1358002139.588952-101.pem

in suricata.log - that periodically get written to the suricata.log that eventually grow to a bug number.
however there is no ERR at start up time -
it will be beneficial if when

  - tls-log:
      enabled: yes

that directory to be checked if existing and be created otherwise (or an ERR logged at startup).

If the directory is manually created before starting suricata - there is no problem of course.

Actions

Also available in: Atom PDF