Versions Compared

Old Version 1

changes.mady.by.user Andrew Madge

Saved on

compared with

New Version 2

changes.mady.by.user Mirza Muzammil Baig

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This allows the generation or selection of the certificate you would like to use with the webserver to secure the events you are sending to the destination SIEM.  

...

Web UI HTTPS Certificate. Select the certificate to be used for HTTPS web user interface interactions. Snare shows only those certificates for which 'private key' is also found and is marked as exportable. This can be done while importing the certificate into Windows Certificate Store and shown in following screenshot.

Image Added

Generate a new Self Signed Certificate. Generate certificates that will append to the available list of certificates.  A self signed certificate may be generated if your site does not have a certificate.

Network Destination Certificate Verification. The ability to certify the chain of trust when connecting to a remote destination server.  Select the level of certificate verification:

  • Accept Any - Require an SSL/TLS certificate to be presented, but accept the certificate even if the chain of trust cannot be authenticated, or the hostname does not match the presented certificate. This is ideal for self signed certificates.
  • Strict Checking - Require an SSL/TLS certificate to be presented, and have both a valid chain of trust and also a hostname matching the certificate. A hostname must be provided in the associated input field, as an IP address will not work.

Snare Agent Manager Certificate Verification. The ability to certify the chain of trust when connecting to a remote Snare Agent Management server. Select the level of certificate verification:

  • Accept Any - Require an SSL/TLS certificate to be presented, but accept the certificate even if the chain of trust cannot be authenticated, or the hostname does not match the presented certificate. This is ideal for self signed certificates.
  • Strict Checking - Require an SSL/TLS certificate to be presented, and have both a valid chain of trust and also a hostname matching the certificate. A hostname must be provided in the associated input field, as an IP address will not work.
Info

Certificate verification is not supported for UDP or TCP.  There will be no validation on these protocols.

...