On Mon, Jan 9, 2017 at 9:20 PM, Jochen Schalanda <[email protected]> wrote:
> if you're using TLS client certificates No - the cisco doesn't support that anyway. The java error says "javax.net.ssl.SSLException: Received fatal alert: certificate_unknown", and wireshark confirms the TLS alert comes from the *client* - not the server. It seems to me the Cisco ASA doesn't trust the server cert or the CA that signed it - but I'm not a Cisco engineer and apparently our ones have never done this before and don't know any better either :-) I was hoping someone on this list had been through the drama. -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CAFChrgKDG5SqkiiS%2BPFzEG6m-%2Byre%3DdazZuH8%3Dufm%2B8LwLD54Q%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
