Namespace: | GLOBAL |
---|---|
Source File: | /scripts/base/bif/plugins/Bro_X509.events.bif.bro |
x509_certificate: event | Generated for encountered X509 certificates, e.g., in the clear SSL/TLS connection handshake. |
x509_ext_basic_constraints: event | Generated for the X509 basic constraints extension seen in a certificate. |
x509_ext_subject_alternative_name: event | Generated for the X509 subject alternative name extension seen in a certificate. |
x509_extension: event | Generated for X509 extensions seen in a certificate. |
Type: | event (f: fa_file, cert_ref: opaque, cert: X509::Certificate) |
---|
Generated for encountered X509 certificates, e.g., in the clear SSL/TLS connection handshake.
See Wikipedia for more information about the X.509 format.
F: | The file. |
---|---|
Cert_ref: | An opaque pointer to the underlying OpenSSL data structure of the certificate. |
Cert: | The parsed certificate information. |
See also: x509_extension, x509_ext_basic_constraints, x509_ext_subject_alternative_name, x509_parse, x509_verify, x509_get_certificate_string
Type: | event (f: fa_file, ext: X509::BasicConstraints) |
---|
Generated for the X509 basic constraints extension seen in a certificate. This extension can be used to identify the subject of a certificate as a CA.
F: | The file. |
---|---|
Ext: | The parsed basic constraints extension. |
See also: x509_certificate, x509_extension, x509_ext_subject_alternative_name, x509_parse, x509_verify, x509_get_certificate_string
Type: | event (f: fa_file, ext: X509::SubjectAlternativeName) |
---|
Generated for the X509 subject alternative name extension seen in a certificate. This extension can be used to allow additional entities to be bound to the subject of the certificate. Usually it is used to specify one or multiple DNS names for which a certificate is valid.
F: | The file. |
---|---|
Ext: | The parsed subject alternative name extension. |
See also: x509_certificate, x509_extension, x509_ext_basic_constraints, x509_parse, x509_verify, x509_get_certificate_string
Type: | event (f: fa_file, ext: X509::Extension) |
---|
Generated for X509 extensions seen in a certificate.
See Wikipedia for more information about the X.509 format.
F: | The file. |
---|---|
Ext: | The parsed extension. |
See also: x509_certificate, x509_ext_basic_constraints, x509_ext_subject_alternative_name, x509_parse, x509_verify, x509_get_certificate_string