On Mon, Jan 9, 2017 at 9:20 PM, Jochen Schalanda <joc...@graylog.com> wrote:
> if you're using TLS client certificates No - the cisco doesn't support that anyway. The java error says "javax.net.ssl.SSLException: Received fatal alert: certificate_unknown", and wireshark confirms the TLS alert comes from the *client* - not the server. It seems to me the Cisco ASA doesn't trust the server cert or the CA that signed it - but I'm not a Cisco engineer and apparently our ones have never done this before and don't know any better either :-) I was hoping someone on this list had been through the drama. -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CAFChrgKDG5SqkiiS%2BPFzEG6m-%2Byre%3DdazZuH8%3Dufm%2B8LwLD54Q%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.