Suricata new TLS fingerprint and TLS store keywords.
Suricata TLS support

Victor Julien has just merged into the main tree a branch containing some interesting new TLS-related features. They have been contributed by me and Jean-Paul Roliers. This patchset introduces TLS logging and brings some new keywords to the Suricata engine. Here’s the list of all TLS-related keywords that are available in the latest Suricata git:

- tls.version: match on version of protocol
- tls.subject: match on subject of certificate
- tls.issuerdn: match on issuer DN of certificate
- tls.fingerprint: match on SHA1 fingerprint of certificate
- tls.store: store the certificate on disk

You will find a detailed explanation below. ...