-
Notifications
You must be signed in to change notification settings - Fork 139
CONFIG_TRUSTED_PUBLIC_KEY Audit Event
The CONFIG_TRUSTED_PUBLIC_KEY
audit event is generated when:
-
Manage Certificate is used to edit the trustness of certificates and deletion of certificates
-
Certificate Setup Wizard is used to import CA certificates into the certificate database (Although CrossCertificatePairs are stored within internaldb, audit them as well)
Properties:
-
ParamNameValPairs
must be aname;;value
pair (where name and value are separated by the delimiter;;
) separated by+
(if more than onename;;value
pair) of config params changed
Use PKI Console to add a trusted CA certificate chain:
-
Go to Configuration → System Keys and Certificates → CA Certificates.
-
Click Add.
-
Click Next.
-
Select Trusted CA Certificate Chain.
-
Click Next.
-
Select The certificate is located in the text are below.
-
Paste a CA Certificate.
-
Click Next.
-
Click Next.
The server will generate the following events:
[AuditEvent=CONFIG_TRUSTED_PUBLIC_KEY][SubjectID=caadmin][Outcome=Success][Param NameValPairs=Scope;;installCert+Operation;;OP_MODIFY+Resource;;trustedCACert+pkc s10;;-----BEGIN CERTIFICATE----- MIIDFTCCAf2gAwIBAgICWakwDQYJKoZIhvcNAQELBQAwMzEQMA4GA1UEChMHRVhB TVBMRTEfMB0GA1UEAxMWQ0EgU2lnbmluZyBDZXJ0aWZpY2F0ZTAeFw0xNzA0MjYx NzQzMjRaFw0xNzA3MjYxNzQzMjRaMDMxEDAOBgNVBAoTB0VYQU1QTEUxHzAdBgNV BAMTFkNBIFNpZ25pbmcgQ2VydGlmaWNhdGUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOlxlvYGfx1xGD9ZUMu1smdVJFbpvt+oQ6Sfk6S0fUgNe+vsr/ SYVGKvCAFPp+94I70auxFFO3XQhfn3ZKohfuOt1rGLPwYIx3sS4ldU6wWENGYZLi qA8yQJEGBldql7OKVfC0WCHkKS9b3BJBVqogz7BnO86nxN3g3cmzzWKSAt2Rp5jm YJT/Lr4xm5vKWtq+rdiDmc36LJ8Wi23tAfUyWoOodBxfYQBMPUGLMA7EaQwWm8oe vd7wljq3AsX4AWwdBPvsi9QvnSZKpSMZIJj94lSE6O0R3CkHWR0ZNVoBj/XpDqm2 I8ygswbObUeLzTnOJzs8rStvKf4/hNgD0rn/AgMBAAGjMzAxMBEGCWCGSAGG+EIB AQQEAwIABzAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwICBDANBgkqhkiG9w0B AQsFAAOCAQEAp1SAHv6qoWd30vEHSVLJwh/RKFh60Dj4ON29KtiploCxiwZk9tZa Klca+xbtEhK2pVV8UmiUzkbnqNpWB58i1bxoPP316En0DyqjTRodInKt5Y9Jpn89 OuL3o+hTYuQtkQqWknkqxpQi/rbzwEeqEfDcLOLPWbhp4yQXFZySJJPPMSsl0vNN 64ZJdmbzS0/1lNb86aHzoeBUvEwAcHCqnoN5/vXCk0P/DAImIXwugP2cjKH8V8DX ZEbIOznWyNmNq5gqSIYwt2RUREf6NUjXWWzayrVL2hBq90ukFtMuSf/Pka/Uk3HC MtQfIFm9RMdb8mdpQxqikxQ49G7pHT+zYA== -----END CERTIFICATE-----+nickname;;<null>+pathname;;<null>+serverRoot;;<null>+s erverID;;instanceID] certificate database configuration
Use PKI Console to trust an untrusted CA certificate chain:
-
Go to Configuration → System Keys and Certificates → CA Certificates.
-
Select an untrusted CA certificate chain.
-
Click Edit.
-
Click Yes.
The server will generate the following events:
[AuditEvent=CONFIG_TRUSTED_PUBLIC_KEY][SubjectID=caadmin][Outcome=Success][Param NameValPairs=Scope;;rootTrustBit+Operation;;OP_MODIFY+Resource;;RS_ID_CONFIG+nic kName;;internal:CA Signing Certificate - EXAMPLE+serialNumber;;33359937118835104 1398503430217059004129+issuerName;;CN=CA Signing Certificate,OU=pki-tomcat,O=EXA MPLE+trustbit;;trust] certificate database configuration
Use PKI Console to untrust a trusted CA certificate chain:
-
Go to Configuration → System Keys and Certificates → CA Certificates.
-
Select a trusted CA certificate chain.
-
Click Edit.
-
Click Yes.
The server will generate the following events:
[AuditEvent=CONFIG_TRUSTED_PUBLIC_KEY][SubjectID=caadmin][Outcome=Success][Param NameValPairs=Scope;;rootTrustBit+Operation;;OP_MODIFY+Resource;;RS_ID_CONFIG+nic kName;;internal:CA Signing Certificate - EXAMPLE+serialNumber;;33359937118835104 1398503430217059004129+issuerName;;CN=CA Signing Certificate,OU=pki-tomcat,O=EXA MPLE+trustbit;;untrust] certificate database configuration
Tip
|
To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis. |