[Snort-users] Pulledpork 500 error, but I do have current certs!

Avery Rozar Avery.Rozar at ...16118...
Fri Aug 28 08:42:39 EDT 2015

I'll give it a shot, thanks!
From: Shirkdog [shirkdog at ...11827...]
Sent: Thursday, August 27, 2015 6:45 PM
To: Avery Rozar
Cc: snort-users mailinglist
Subject: Re: [Snort-users] Pulledpork 500 error, but I do have current certs!

I added a check for root certs on FreeBSD in the current git tree (0.7.2)

Try the latest code, and let me know if you are still having issues.

On Aug 27, 2015 6:36 PM, "Avery Rozar" <Avery.Rozar at ...16118...<mailto:Avery.Rozar at ...16118...>> wrote:
Hello All,
I'm running Sort 2.7.5 on FreeBSD 10.1, when I try to update the rules with pulledpork I get a 500 error. The -vv option shows that it can not verify the cert, but I do have the current root certs. I've removed the https for http in the pulledpork.conf but it seems to be getting a redirect back to https for AWS.

My root cert is in "/usr/local/lib/perl5/site_perl/Mozilla/CA/cacert.pem", I've verified with "openssl s_client -CAfile /usr/local/lib/perl5/site_perl/Mozilla/CA/cacert.pem -connect s3.amazonaws.com:443<http://s3.amazonaws.com:443> < /dev/null". I assume this may be a perl issue (not really sure), is there a way to tell pulledpork where to look for the root certs, or could I just setup a symbolic link? If I can just do a symbiotic link where should I put it?


Snort-users mailing list
Snort-users at lists.sourceforge.net<mailto:Snort-users at lists.sourceforge.net>
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

Please visit http://blog.snort.org to stay current on all the latest Snort news!

More information about the Snort-users mailing list