Hello everyone, I have as apache server with an ssl-only site with restrictions on who can browse it by means of digital certificates. Meaning that ir order to browse the secure site one would need to have a x509 certificate issued by the our office CA. I use OSSEC in all of our servers and I'd like to know if with OSSEC I can monitor access_ssl_log entries and know the time, ip and which certificate was used to login?
Any pointers on how to create a rule for this would be greatly appreciated. Thanks. -- VĂtor Correia [email protected] | www.vitorcorreia.info
