Produce a report of all the CA’s in my environment

  • 1
  • Question
  • Updated 8 years ago
  • Answered
How would you produce a report or signature that shows all of the Certificate Authorities in use within the environment?
Photo of NetFort

NetFort

  • 182 Posts
  • 2 Reply Likes

Posted 8 years ago

  • 1
Photo of NetFort

NetFort

  • 182 Posts
  • 2 Reply Likes
Official Response
One way of doing would be to write a signature that would detect ocsp requests going back to the relevant Certificate Authorities, these request go over port 80, so a signature looking for the keyword "application/ocsp-request" would go along way to meeting this request.