[Snort-sigs] Update your oinkmaster/pulled_porkconf files

Weir, Jason jason.weir at ...3410...
Wed Jun 30 13:05:38 EDT 2010


OK - got it working.

On Debian at least, installing the ca-certificates package (apt-get
install ca-certificates) and using the correct download link
(url=http://www.snort.org/pub-bin/oinkmaster.cgi/<oinkcode>/snortrules-s
napshot-2853.tar.gz) in your oinkmaster.conf file has fixed the problem.

You would think the ca-certificates package would be included in openssl
but I guess it's not...

Thanks for everyone's help...

-Jason 

-----Original Message-----
From: Joel Esler [mailto:jesler at ...435...] 
Sent: Wednesday, June 30, 2010 12:06 PM
To: Fred Austin
Cc: Weir, Jason; snort-sigs at lists.sourceforge.net; Snort Users List
Subject: Re: [Snort-sigs] [Snort-users] Update your
oinkmaster/pulled_porkconf files


All,


So the problem is whatever openssl version that is being used on their
system has an old root CA chain file that doesn't have the recent
Verisign CA's chain certificates in it.


We're continuing to test on our side, however, you'll need to update
these and this error should go away.


J


_____________________________________________________________________________________________

Please visit www.nhrs.org to subscribe to NHRS email announcements and updates.


More information about the Snort-sigs mailing list