RootCA and InsecureSkipVerify

New empty settings and their annotations.
2025-12-06 09:12:45 +01:00 · 2024-06-06 16:36:09 -06:00
parent f35f6bd4c8
commit fa063722e1
2 changed files with 10 additions and 0 deletions
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -1286,6 +1286,8 @@ soc:
      maxPacketCount: 5000
      htmlDir: html
      importUploadDir: /nsm/soc/uploads
+      rootCA: ''
+      insecureSkipVerify: false
      modules:
        cases: soc
        filedatastore:
--- a/salt/soc/soc_soc.yaml
+++ b/salt/soc/soc_soc.yaml
@@ -81,6 +81,14 @@ soc:
        description: Maximum number of packets to show in the PCAP viewer. Larger values can cause more resource utilization on both the SOC server and the browser.
        global: True
        advanced: True
+      rootCA:
+        description: Root Certificate Authority (CA) public key in PEM format that SOC will use to validate outgoing requests. This is useful when the SOC server is behind a reverse proxy that performs SSL termination.
+        multiline: True
+        advanced: True
+      insecureSkipVerify:
+        description: Disable TLS verification for outgoing requests. This will make your installation less secure to MITM attacks. Recommended only for debugging purposes.
+        advanced: True
+        forcedType: bool
      modules:
        elastalertengine:
          additionalAlerters: