telekom-security/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-07-02 01:27:27 -04:00
Code Issues Packages Projects Releases Wiki Activity

Include config option to disable SSL verification

Browse Source 
Adjust README accordingly
Fixes #1543
This commit is contained in:
Marco Ochse
2024-06-04 15:33:28 +02:00
parent d83b858be7
commit a510e28ef1
12 changed files with 53 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docker/elk/logstash/dist/entrypoint.sh vendored
View File

@ -10,7 +10,10 @@ trap fuCLEANUP EXIT
if [ -f "/data/tpot/etc/compose/elk_environment" ];
then
echo "Found .env, now exporting ..."
set -o allexport && source "/data/tpot/etc/compose/elk_environment" && set +o allexport
set -o allexport
source "/data/tpot/etc/compose/elk_environment"
LS_SSL_VERIFICATION="${LS_SSL_VERIFICATION:-full}"
set +o allexport
fi
# Check internet availability
@ -50,6 +53,7 @@ if [ "$TPOT_TYPE" == "SENSOR" ];
echo
echo "T-Pot type: $TPOT_TYPE"
echo "Hive IP: $TPOT_HIVE_IP"
echo "SSL verification: $LS_SSL_VERIFICATION"
echo
# Ensure correct file permissions for private keyfile or SSH will ask for password
cp /usr/share/logstash/config/pipelines_sensor.yml /usr/share/logstash/config/pipelines.yml

4
docker/elk/logstash/dist/http_output.conf vendored
View File

@ -723,7 +723,9 @@ output {
codec => "json"
format => "json_batch"
url => "https://${TPOT_HIVE_IP}:64294"
cacert => "/data/hive.crt"
# cacert => "/data/hive.crt"
ssl_verification_mode => "${LS_SSL_VERIFICATION}"
ssl_certificate_authorities => "/data/hive.crt"
headers => {
"Authorization" => "Basic ${TPOT_HIVE_USER}"
}