![]() ![]() ![]() String found in binary or memory: ack.endles sdataflow. String found in binary or memory: 0x29a9dfc 9,0x01d72b 0f0x 29a9dfc9,0 x01d72b0f equals (You tube)ĭNS traffic detected: queries fo r: kryddig aprat.site String found in binary or memory: 0x29a9dfc 9,0x01d72b 0f0x 29a9dfc9,0 x01d72b0f equals om (Youtub e) String found in binary or memory: 0x29a9dfc 9,0x01d72b 0f0x 29a9dfc9,0 x01d72b0f equals (Twi tter) String found in binary or memory: 0x29a9dfc 9,0x01d72b 0f0x 29a9dfc9,0 x01d72b0f equals om (Twitte r) String found in binary or memory: 0x29a51b 00,0x01d72 b0f 0 x29a51b00, 0x01d72b0f equal s ( Facebook) Common name: Starfield Secure Certificate Authority - G2 Organization: Starfield Technologies, Inc. OUStarfield Class 2 Certification Authority,OStarfield Technologies, Inc.,CUS CNStarfield Root Certificate Authority - G2,OStarfield Technologies. String found in binary or memory: 0x29a51b 00,0x01d72 b0f 0 x29a51b00, 0x01d72b0f equals ww w.facebook. ![]() 0) like Ge ckoAccept- Encoding: gzip, defl ateHost: k ryddigapra t.siteConn ection: Ke ep-Aliveįound strings which match to known social media urls CBM B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E CNStarfield Root Certificate Authority - G2, OStarfield Technologies, Inc., LScottsdale, SArizona. Could this error be due to server overload or lack of resources? Because in other environments with the same settings this error doesn't show up.HTTP traffic detected: GET / HTTP /1.1Accept : text/htm l, applica tion/xhtml xml, imag e/jxr, */* Accept-Lan guage: en- USUser-Age nt: Mozill a/5.0 (Win dows NT 10. I use Splunk's build in certificate, and dont know why this error shows up. How i understand this alert came with an error that doesn't accept certificate. ssl_state='error', alert_description='unknown CA'. ssl_state='error', alert_description='unknown CA'.Ġ7-08-2021 04:45:08.837 0600 ERROR X509Verify - Server X509 certificate (CN=Starfield Services Root Certificate Authority - G2,O=Starfield Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US) failed validation error=20, reason="unable to get local issuer certificate"Ġ7-08-2021 04:45:08.837 0600 WARN SSLCommon - Received fatal SS元 alert. Issuer: CNStarfield Root Certificate Authority - G2,OStarfield Technologies, Inc.,LScottsdale,STArizona,CUS Serial: 7 Not valid before: 07:00. Root Certificate Authority - G2, OStarfield Technologies, Inc. I just noticed an alert "TCP or SSL config issue" in Splunk Admins app, then i followed to the splunkd.log and then noticed there SSLCommon - Received fatal SS元 alert 07-08-2021 04:45:08.309 0600 ERROR X509Verify - Server X509 certificate (CN=Starfield Services Root Certificate Authority - G2,O=Starfield Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US) failed validation error=20, reason="unable to get local issuer certificate"Ġ7-08-2021 04:45:08.312 0600 WARN SSLCommon - Received fatal SS元 alert. A Starfield SSL certificate ensures that all sensitive transactions are kept securely encrypted and safe from prying eyes, and rigorous authentication. Secure Certificate Authority - G2 i:/CUS/STArizona/LScottsdale/OStarfield Technologies, Inc./CNStarfield Root Certificate Authority - G2 2. Release Note: Added T-Systems, GlobalSign and Starfield Services Root Certificates. OCES CA V,OTRUST2408,CDK,CNStarfield Services Root Certificate Authority - G2,OStarfield Technologies, Inc.,LScottsdale,STArizona,CUS,CNActalis. Starfield Technologies is an innovator in the field of Internet foundation services, providing advanced software and Internet solutions critical to the building of online presence and e- commerce. Try this to get the issuer hash of your certificate: Then try to find a certificate with this hash in the sfbundle.crt file that you specified as SSLCertificateChainFile. ![]()
0 Comments
Leave a Reply. |