Feature #5516: tls: client cert detection - Suricata - Open Information Security Foundation

Actions

Feature #5516

closed

tls: client cert detection

Added by Victor Julien almost 3 years ago. Updated over 2 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Target version:

Effort:

Difficulty:

Label:

Description

Update various cert detection keywords to support client certs.

Related issues 1 (0 open — 1 closed)

Actions

#4

Updated by Jeff Lucovsky over 2 years ago

These already check the client cert (depending on direction)
- tls.subject
- tls.issuerdn
- tls.fingerprint
- tls_cert_notbefore
- tls_cert_notafter
- tls_cert_expired
- tls_cert_valid

These do not check the client cert and require update:
- tls.cert_fingerprint
- tls.cert_issuer
- tls.certs
- tls.cert_serial
- tls.cert_subject

Not sure about
- tls.store

Actions

#8

Updated by Jeff Lucovsky over 2 years ago

https://github.com/OISF/suricata/pull/8298

Actions

#9

Updated by Victor Julien over 2 years ago

Status changed from In Review to Closed
Priority changed from High to Normal

Merged through https://github.com/OISF/suricata/pull/8314

Actions

Also available in: Atom PDF