CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

merge into: CSEC_PUBLIC:bravo
Branches Tags
CSEC_PUBLIC:master CSEC_PUBLIC:2.4/dev CSEC_PUBLIC:idstools-refactor CSEC_PUBLIC:reyesj2/advilm CSEC_PUBLIC:bravo CSEC_PUBLIC:jertel/wip CSEC_PUBLIC:certtest CSEC_PUBLIC:TOoSmOotH-patch-2 CSEC_PUBLIC:reyesj2-patch-2 CSEC_PUBLIC:TOoSmOotH-patch-1 CSEC_PUBLIC:delta CSEC_PUBLIC:salt300616 CSEC_PUBLIC:2.4/main CSEC_PUBLIC:2.4.190 CSEC_PUBLIC:foxtrot CSEC_PUBLIC:2.4/playbooklocalrepo CSEC_PUBLIC:2.4.170 CSEC_PUBLIC:hotfix/2.4.150 CSEC_PUBLIC:kaffytaffy CSEC_PUBLIC:2.3/main CSEC_PUBLIC:dev CSEC_PUBLIC:kilo CSEC_PUBLIC:sysusers CSEC_PUBLIC:feature/users
CSEC_PUBLIC:2.4.190-20251024 CSEC_PUBLIC:2.4.180-20250916 CSEC_PUBLIC:2.4.170-20250812 CSEC_PUBLIC:2.4.160-20250625 CSEC_PUBLIC:2.4.160-20250615 CSEC_PUBLIC:2.4.150-20250522 CSEC_PUBLIC:2.4.150-20250512 CSEC_PUBLIC:2.4.141-20250331 CSEC_PUBLIC:2.4.140-20250324 CSEC_PUBLIC:2.4.130-20250311 CSEC_PUBLIC:2.4.120-20250212 CSEC_PUBLIC:2.4.111-20241217 CSEC_PUBLIC:2.4.110-20241010 CSEC_PUBLIC:2.4.110-20241004 CSEC_PUBLIC:2.4.100-20240903 CSEC_PUBLIC:2.4.100-20240829 CSEC_PUBLIC:2.4.90-20240729 CSEC_PUBLIC:2.4.80-20240624 CSEC_PUBLIC:2.4.80-20240625 CSEC_PUBLIC:2.4.70-20240529 CSEC_PUBLIC:2.3.300-20240401 CSEC_PUBLIC:2.4.60-20240320 CSEC_PUBLIC:2.3.290-20240229 CSEC_PUBLIC:2.4.50-20240220 CSEC_PUBLIC:2.4.40-20240116 CSEC_PUBLIC:2.4.30-20231228 CSEC_PUBLIC:2.4.30-20231219 CSEC_PUBLIC:2.4.30-20231204 CSEC_PUBLIC:2.3.280-20231128 CSEC_PUBLIC:2.4.30-20231121 CSEC_PUBLIC:2.4.30-20231117 CSEC_PUBLIC:2.4.30-20231113 CSEC_PUBLIC:2.4.20-20231012 CSEC_PUBLIC:2.4.20-20231006 CSEC_PUBLIC:2.3.270-1006 CSEC_PUBLIC:2.4.10-202030821 CSEC_PUBLIC:2.4.10-20230815 CSEC_PUBLIC:2.4.5-20230807 CSEC_PUBLIC:2.4.5 CSEC_PUBLIC:2.4.4-20230728 CSEC_PUBLIC:2.4.3-20230711 CSEC_PUBLIC:2.3.260-20230620 CSEC_PUBLIC:2.4.2-20230531 CSEC_PUBLIC:2.3.250-20230519 CSEC_PUBLIC:2.3.240-20220426 CSEC_PUBLIC:2.4.1-20230424 CSEC_PUBLIC:2.3.230-20230417 CSEC_PUBLIC:2.4.0-20230328 CSEC_PUBLIC:2.3.220-20230301 CSEC_PUBLIC:2.3.220-20230224 CSEC_PUBLIC:2.3.210-20230202 CSEC_PUBLIC:2.3.200-20230113 CSEC_PUBLIC:2.3.190-20221207 CSEC_PUBLIC:2.3.190-20221205 CSEC_PUBLIC:2.3.182-20221109 CSEC_PUBLIC:2.3.181-20221021 CSEC_PUBLIC:2.3.180-20221014 CSEC_PUBLIC:2.3.170-20220922 CSEC_PUBLIC:2.3.160-20220829 CSEC_PUBLIC:2.3.150-20220820 CSEC_PUBLIC:2.3.140-20220812 CSEC_PUBLIC:2.3.140-20220719 CSEC_PUBLIC:2.3.140-20220718 CSEC_PUBLIC:2.3.130-20220607 CSEC_PUBLIC:2.3.120 CSEC_PUBLIC:2.3.110-20220407 CSEC_PUBLIC:2.3.110-20220405 CSEC_PUBLIC:2.3.110-20220401 CSEC_PUBLIC:2.3.110-20220309 CSEC_PUBLIC:2.3.100-20220301 CSEC_PUBLIC:2.3.100-20220203 CSEC_PUBLIC:2.3.100-20220202 CSEC_PUBLIC:2.3.100 CSEC_PUBLIC:2.3.91 CSEC_PUBLIC:2.3.90-20211213 CSEC_PUBLIC:2.3.90-20211210 CSEC_PUBLIC:2.3.90-20211206 CSEC_PUBLIC:2.3.90-AIRGAPFIX CSEC_PUBLIC:2.3.90-WAZUH CSEC_PUBLIC:2.3.90 CSEC_PUBLIC:2.3.80 CSEC_PUBLIC:2.3.70-WAZUH CSEC_PUBLIC:2.3.70-GRAFANA CSEC_PUBLIC:2.3.70-CURATOR CSEC_PUBLIC:2.3.70 CSEC_PUBLIC:2.3.61MSEARCH CSEC_PUBLIC:2.3.61STENODOCKER CSEC_PUBLIC:2.3.61 CSEC_PUBLIC:2.3.60CURATORAUTH CSEC_PUBLIC:2.3.60FBPIPELINE CSEC_PUBLIC:2.3.60HEAVYNODE CSEC_PUBLIC:2.3.60ECS CSEC_PUBLIC:2.3.60 CSEC_PUBLIC:2.3.52 CSEC_PUBLIC:2.3.51 CSEC_PUBLIC:2.3.50GRIDFIX CSEC_PUBLIC:2.3.50 CSEC_PUBLIC:2.3.40 CSEC_PUBLIC:2.3.30 CSEC_PUBLIC:2.3.21 CSEC_PUBLIC:2.3.20 CSEC_PUBLIC:2.3.10 CSEC_PUBLIC:2.3.2 CSEC_PUBLIC:2.3.1 CSEC_PUBLIC:2.3.0 CSEC_PUBLIC:2.2.0-rc3 CSEC_PUBLIC:2.1.0-rc2 CSEC_PUBLIC:2.0.1-rc1.1 CSEC_PUBLIC:2.0.1-rc1 CSEC_PUBLIC:2.0.0-rc1 CSEC_PUBLIC:1.4.1 CSEC_PUBLIC:1.4.0 CSEC_PUBLIC:1.3.0 CSEC_PUBLIC:1.2.1-1 CSEC_PUBLIC:1.2.1 CSEC_PUBLIC:1.1.4 CSEC_PUBLIC:1.1.3 CSEC_PUBLIC:1.0.4 CSEC_PUBLIC:v1.0.3
...
pull from: CSEC_PUBLIC:certtest
Branches Tags
CSEC_PUBLIC:2.4/dev CSEC_PUBLIC:idstools-refactor CSEC_PUBLIC:reyesj2/advilm CSEC_PUBLIC:bravo CSEC_PUBLIC:jertel/wip CSEC_PUBLIC:certtest CSEC_PUBLIC:TOoSmOotH-patch-2 CSEC_PUBLIC:reyesj2-patch-2 CSEC_PUBLIC:TOoSmOotH-patch-1 CSEC_PUBLIC:delta CSEC_PUBLIC:salt300616 CSEC_PUBLIC:2.4/main CSEC_PUBLIC:2.4.190 CSEC_PUBLIC:foxtrot CSEC_PUBLIC:2.4/playbooklocalrepo CSEC_PUBLIC:2.4.170 CSEC_PUBLIC:hotfix/2.4.150 CSEC_PUBLIC:kaffytaffy CSEC_PUBLIC:2.3/main CSEC_PUBLIC:master CSEC_PUBLIC:dev CSEC_PUBLIC:kilo CSEC_PUBLIC:sysusers CSEC_PUBLIC:feature/users
CSEC_PUBLIC:2.4.190-20251024 CSEC_PUBLIC:2.4.180-20250916 CSEC_PUBLIC:2.4.170-20250812 CSEC_PUBLIC:2.4.160-20250625 CSEC_PUBLIC:2.4.160-20250615 CSEC_PUBLIC:2.4.150-20250522 CSEC_PUBLIC:2.4.150-20250512 CSEC_PUBLIC:2.4.141-20250331 CSEC_PUBLIC:2.4.140-20250324 CSEC_PUBLIC:2.4.130-20250311 CSEC_PUBLIC:2.4.120-20250212 CSEC_PUBLIC:2.4.111-20241217 CSEC_PUBLIC:2.4.110-20241010 CSEC_PUBLIC:2.4.110-20241004 CSEC_PUBLIC:2.4.100-20240903 CSEC_PUBLIC:2.4.100-20240829 CSEC_PUBLIC:2.4.90-20240729 CSEC_PUBLIC:2.4.80-20240624 CSEC_PUBLIC:2.4.80-20240625 CSEC_PUBLIC:2.4.70-20240529 CSEC_PUBLIC:2.3.300-20240401 CSEC_PUBLIC:2.4.60-20240320 CSEC_PUBLIC:2.3.290-20240229 CSEC_PUBLIC:2.4.50-20240220 CSEC_PUBLIC:2.4.40-20240116 CSEC_PUBLIC:2.4.30-20231228 CSEC_PUBLIC:2.4.30-20231219 CSEC_PUBLIC:2.4.30-20231204 CSEC_PUBLIC:2.3.280-20231128 CSEC_PUBLIC:2.4.30-20231121 CSEC_PUBLIC:2.4.30-20231117 CSEC_PUBLIC:2.4.30-20231113 CSEC_PUBLIC:2.4.20-20231012 CSEC_PUBLIC:2.4.20-20231006 CSEC_PUBLIC:2.3.270-1006 CSEC_PUBLIC:2.4.10-202030821 CSEC_PUBLIC:2.4.10-20230815 CSEC_PUBLIC:2.4.5-20230807 CSEC_PUBLIC:2.4.5 CSEC_PUBLIC:2.4.4-20230728 CSEC_PUBLIC:2.4.3-20230711 CSEC_PUBLIC:2.3.260-20230620 CSEC_PUBLIC:2.4.2-20230531 CSEC_PUBLIC:2.3.250-20230519 CSEC_PUBLIC:2.3.240-20220426 CSEC_PUBLIC:2.4.1-20230424 CSEC_PUBLIC:2.3.230-20230417 CSEC_PUBLIC:2.4.0-20230328 CSEC_PUBLIC:2.3.220-20230301 CSEC_PUBLIC:2.3.220-20230224 CSEC_PUBLIC:2.3.210-20230202 CSEC_PUBLIC:2.3.200-20230113 CSEC_PUBLIC:2.3.190-20221207 CSEC_PUBLIC:2.3.190-20221205 CSEC_PUBLIC:2.3.182-20221109 CSEC_PUBLIC:2.3.181-20221021 CSEC_PUBLIC:2.3.180-20221014 CSEC_PUBLIC:2.3.170-20220922 CSEC_PUBLIC:2.3.160-20220829 CSEC_PUBLIC:2.3.150-20220820 CSEC_PUBLIC:2.3.140-20220812 CSEC_PUBLIC:2.3.140-20220719 CSEC_PUBLIC:2.3.140-20220718 CSEC_PUBLIC:2.3.130-20220607 CSEC_PUBLIC:2.3.120 CSEC_PUBLIC:2.3.110-20220407 CSEC_PUBLIC:2.3.110-20220405 CSEC_PUBLIC:2.3.110-20220401 CSEC_PUBLIC:2.3.110-20220309 CSEC_PUBLIC:2.3.100-20220301 CSEC_PUBLIC:2.3.100-20220203 CSEC_PUBLIC:2.3.100-20220202 CSEC_PUBLIC:2.3.100 CSEC_PUBLIC:2.3.91 CSEC_PUBLIC:2.3.90-20211213 CSEC_PUBLIC:2.3.90-20211210 CSEC_PUBLIC:2.3.90-20211206 CSEC_PUBLIC:2.3.90-AIRGAPFIX CSEC_PUBLIC:2.3.90-WAZUH CSEC_PUBLIC:2.3.90 CSEC_PUBLIC:2.3.80 CSEC_PUBLIC:2.3.70-WAZUH CSEC_PUBLIC:2.3.70-GRAFANA CSEC_PUBLIC:2.3.70-CURATOR CSEC_PUBLIC:2.3.70 CSEC_PUBLIC:2.3.61MSEARCH CSEC_PUBLIC:2.3.61STENODOCKER CSEC_PUBLIC:2.3.61 CSEC_PUBLIC:2.3.60CURATORAUTH CSEC_PUBLIC:2.3.60FBPIPELINE CSEC_PUBLIC:2.3.60HEAVYNODE CSEC_PUBLIC:2.3.60ECS CSEC_PUBLIC:2.3.60 CSEC_PUBLIC:2.3.52 CSEC_PUBLIC:2.3.51 CSEC_PUBLIC:2.3.50GRIDFIX CSEC_PUBLIC:2.3.50 CSEC_PUBLIC:2.3.40 CSEC_PUBLIC:2.3.30 CSEC_PUBLIC:2.3.21 CSEC_PUBLIC:2.3.20 CSEC_PUBLIC:2.3.10 CSEC_PUBLIC:2.3.2 CSEC_PUBLIC:2.3.1 CSEC_PUBLIC:2.3.0 CSEC_PUBLIC:2.2.0-rc3 CSEC_PUBLIC:2.1.0-rc2 CSEC_PUBLIC:2.0.1-rc1.1 CSEC_PUBLIC:2.0.1-rc1 CSEC_PUBLIC:2.0.0-rc1 CSEC_PUBLIC:1.4.1 CSEC_PUBLIC:1.4.0 CSEC_PUBLIC:1.3.0 CSEC_PUBLIC:1.2.1-1 CSEC_PUBLIC:1.2.1 CSEC_PUBLIC:1.1.4 CSEC_PUBLIC:1.1.3 CSEC_PUBLIC:1.0.4 CSEC_PUBLIC:v1.0.3

1 Commits
bravo ... certtest

Author SHA1 Message Date
Josh Patterson
7b4d471d7e cert expire test 2025-12-01 12:02:55 -05:00
5 changed files with 23 additions and 23 deletions
Expand all files Collapse all files

12
salt/ca/files/signing_policies.conf
View File

@@ -10,7 +10,7 @@ x509_signing_policies:
- keyUsage: "digitalSignature, nonRepudiation"
- subjectKeyIdentifier: hash
- authorityKeyIdentifier: keyid,issuer:always
- days_valid: 820
- days_valid: 9
- copypath: /etc/pki/issued_certs/
registry:
- minions: '*'
@@ -24,7 +24,7 @@ x509_signing_policies:
- subjectKeyIdentifier: hash
- authorityKeyIdentifier: keyid,issuer:always
- extendedKeyUsage: serverAuth
- days_valid: 820
- days_valid: 9
- copypath: /etc/pki/issued_certs/
managerssl:
- minions: '*'
@@ -38,7 +38,7 @@ x509_signing_policies:
- subjectKeyIdentifier: hash
- authorityKeyIdentifier: keyid,issuer:always
- extendedKeyUsage: serverAuth
- days_valid: 820
- days_valid: 9
- copypath: /etc/pki/issued_certs/
influxdb:
- minions: '*'
@@ -52,7 +52,7 @@ x509_signing_policies:
- subjectKeyIdentifier: hash
- authorityKeyIdentifier: keyid,issuer:always
- extendedKeyUsage: serverAuth
- days_valid: 820
- days_valid: 9
- copypath: /etc/pki/issued_certs/
elasticfleet:
- minions: '*'
@@ -65,7 +65,7 @@ x509_signing_policies:
- keyUsage: "digitalSignature, nonRepudiation"
- subjectKeyIdentifier: hash
- authorityKeyIdentifier: keyid,issuer:always
- days_valid: 820
- days_valid: 9
- copypath: /etc/pki/issued_certs/
kafka:
- minions: '*'
@@ -79,5 +79,5 @@ x509_signing_policies:
- subjectKeyIdentifier: hash
- authorityKeyIdentifier: keyid,issuer:always
- extendedKeyUsage: "serverAuth, clientAuth"
- days_valid: 820
- days_valid: 9
- copypath: /etc/pki/issued_certs/

2
salt/ca/init.sls
View File

@@ -39,7 +39,7 @@ pki_public_ca_crt:
- extendedkeyUsage: "serverAuth, clientAuth"
- subjectKeyIdentifier: hash
- authorityKeyIdentifier: keyid:always, issuer
- days_valid: 3650
- days_valid: 11
- days_remaining: 7
- backup: True
- replace: False

6
salt/kafka/ssl.sls
View File

@@ -45,7 +45,7 @@ kafka_client_crt:
- private_key: /etc/pki/kafka-client.key
- CN: {{ GLOBALS.hostname }}
- days_remaining: 7
- days_valid: 820
- days_valid: 9
- backup: True
- timeout: 30
- retry:
@@ -93,7 +93,7 @@ kafka_crt:
- private_key: /etc/pki/kafka.key
- CN: {{ GLOBALS.hostname }}
- days_remaining: 7
- days_valid: 820
- days_valid: 9
- backup: True
- timeout: 30
- retry:
@@ -154,7 +154,7 @@ kafka_logstash_crt:
- private_key: /etc/pki/kafka-logstash.key
- CN: {{ GLOBALS.hostname }}
- days_remaining: 7
- days_valid: 820
- days_valid: 9
- backup: True
- timeout: 30
- retry:

2
salt/nginx/enabled.sls
View File

@@ -65,7 +65,7 @@ managerssl_crt:
- CN: {{ GLOBALS.hostname }}
- subjectAltName: "DNS:{{ GLOBALS.hostname }}, IP:{{ GLOBALS.node_ip }}, DNS:{{ GLOBALS.url_base }}"
- days_remaining: 7
- days_valid: 820
- days_valid: 9
- backup: True
- timeout: 30
- retry:

24
salt/ssl/init.sls
View File

@@ -85,7 +85,7 @@ influxdb_crt:
- CN: {{ GLOBALS.hostname }}
- subjectAltName: DNS:{{ GLOBALS.hostname }}, IP:{{ GLOBALS.node_ip }}
- days_remaining: 7
- days_valid: 820
- days_valid: 9
- backup: True
- timeout: 30
- retry:
@@ -124,7 +124,7 @@ redis_crt:
- private_key: /etc/pki/redis.key
- CN: {{ GLOBALS.hostname }}
- days_remaining: 7
- days_valid: 820
- days_valid: 9
- backup: True
- timeout: 30
- retry:
@@ -166,7 +166,7 @@ etc_elasticfleet_crt:
- CN: {{ GLOBALS.hostname }}
- subjectAltName: DNS:{{ GLOBALS.hostname }},DNS:{{ GLOBALS.url_base }},IP:{{ GLOBALS.node_ip }}{% if ELASTICFLEETMERGED.config.server.custom_fqdn | length > 0 %},DNS:{{ ELASTICFLEETMERGED.config.server.custom_fqdn | join(',DNS:') }}{% endif %}
- days_remaining: 7
- days_valid: 820
- days_valid: 9
- backup: True
- timeout: 30
- retry:
@@ -223,7 +223,7 @@ etc_elasticfleet_logstash_crt:
- CN: {{ GLOBALS.hostname }}
- subjectAltName: DNS:{{ GLOBALS.hostname }},DNS:{{ GLOBALS.url_base }},IP:{{ GLOBALS.node_ip }}{% if ELASTICFLEETMERGED.config.server.custom_fqdn | length > 0 %},DNS:{{ ELASTICFLEETMERGED.config.server.custom_fqdn | join(',DNS:') }}{% endif %}
- days_remaining: 7
- days_valid: 820
- days_valid: 9
- backup: True
- timeout: 30
- retry:
@@ -284,7 +284,7 @@ etc_elasticfleetlumberjack_crt:
- CN: {{ GLOBALS.node_ip }}
- subjectAltName: DNS:{{ GLOBALS.hostname }}
- days_remaining: 7
- days_valid: 820
- days_valid: 9
- backup: True
- timeout: 30
- retry:
@@ -351,7 +351,7 @@ etc_elasticfleet_agent_crt:
- private_key: /etc/pki/elasticfleet-agent.key
- CN: {{ GLOBALS.hostname }}
- days_remaining: 7
- days_valid: 820
- days_valid: 9
- backup: True
- timeout: 30
- retry:
@@ -413,7 +413,7 @@ etc_filebeat_crt:
- CN: {{ GLOBALS.hostname }}
- subjectAltName: DNS:{{ GLOBALS.hostname }}, IP:{{ GLOBALS.node_ip }}
- days_remaining: 7
- days_valid: 820
- days_valid: 9
- backup: True
- timeout: 30
- retry:
@@ -484,7 +484,7 @@ registry_crt:
- private_key: /etc/pki/registry.key
- CN: {{ GLOBALS.manager }}
- days_remaining: 7
- days_valid: 820
- days_valid: 9
- backup: True
- timeout: 30
- retry:
@@ -522,7 +522,7 @@ regkeyperms:
- CN: {{ GLOBALS.hostname }}
- subjectAltName: DNS:{{ GLOBALS.hostname }}, IP:{{ GLOBALS.node_ip }}
- days_remaining: 7
- days_valid: 820
- days_valid: 9
- backup: True
- timeout: 30
- retry:
@@ -583,7 +583,7 @@ conf_filebeat_crt:
- CN: {{ GLOBALS.hostname }}
- subjectAltName: DNS:{{ GLOBALS.hostname }}, IP:{{ GLOBALS.node_ip }}
- days_remaining: 7
- days_valid: 820
- days_valid: 9
- backup: True
- timeout: 30
- retry:
@@ -637,7 +637,7 @@ chownfilebeatp8:
- CN: {{ GLOBALS.hostname }}
- subjectAltName: DNS:{{ GLOBALS.hostname }}, IP:{{ GLOBALS.node_ip }}
- days_remaining: 7
- days_valid: 820
- days_valid: 9
- backup: True
- timeout: 30
- retry:
@@ -687,7 +687,7 @@ elasticfleet_kafka_crt:
- CN: {{ GLOBALS.hostname }}
- subjectAltName: DNS:{{ GLOBALS.hostname }}, IP:{{ GLOBALS.node_ip }}
- days_remaining: 7
- days_valid: 820
- days_valid: 9
- backup: True
- timeout: 30
- retry: