Server Certificate Validation
Table of Contents
Expand all | Collapse all
-
- Cortex Data Lake for Panorama-Managed Firewalls
- Start Sending Logs to a New Cortex Data Lake Instance
- Configure Panorama in High Availability for Cortex Data Lake
- Allocate Storage Based on Log Type
- View Cortex Data Lake Status
- View Logs in Cortex Data Lake
- TCP Ports and FQDNs Required for Cortex Data Lake
- Sizing for Cortex Data Lake Storage
-
- Forward Logs from Cortex Data Lake to a Syslog Server
- Forward Logs from Cortex Data Lake to an HTTPS Server
- Forward Logs from Cortex Data Lake to an Email Server
- Log Record Formats
- Create Log Filters
- Server Certificate Validation
- List of Trusted Certificates for Syslog and HTTPS Forwarding
- Log Forwarding Errors
Server Certificate Validation
These are the steps
Cortex
Data Lake
takes to ensure
that a log receiver has a valid certificate.Cortex
Data Lake
secures your log data
by ensuring that the server you specify to receive your logs is
trusted and legitimate. When you configure syslog or HTTPS forwarding,
Cortex
Data Lake
ensures that your log data arrives safely to its intended destination
by verifying the certificate on the receiving server. For maximum
security, Cortex
Data Lake
performs multiple validity checks:Cortex
Data Lake checks... | to verify that... |
|---|---|
Third-Party CA-Signed Certificates | The server has the full certificate chain. If the root CA is in the list of trusted CAs,
you do not need to upload any CAs from the certificate chain. If the
root CA is not in the list of trusted CAs, you need to upload the
root CA to Cortex
Data Lake .OR The server has the server certificate and one or more intermediate
CAs. If the root CA is in the list of trusted CAs, you do not need
to upload any CAs from the certificate chain. If the root CA is not
in the list of trusted CAs, you need to upload the root CA to Cortex
Data Lake. OR The server has only the server certificate. If the root CA is in the
list of trusted CAs, then you need to upload only the intermediate
CAs (one or multiple) to Cortex
Data Lake . If the root CA is not in
the list of trusted CAs, you need to upload the root CA and one or
more intermediate CAs to Cortex
Data Lake . |
Private CA-Signed Certificates | The server has the full certificate chain, and only the root CA is
uploaded to Cortex
Data Lake .OR The server has the server certificate and one or more intermediate
CAs, and the root CA is uploaded to Cortex
Data Lake .OR The server has the server certificate only; the root CA and one or
more intermediate CAs are uploaded to Cortex
Data Lake . |
Self-Signed Certificates | The certificate is installed on the server and uploaded to Cortex
Data Lake . |
Expiration | None of the certificates in the chain have expired. |
Host Name Match | The value entered for the Syslog Server name matches
the Subject Alternative Name (SAN) of the server certificate. |
Revocation Status | None of the certificates in the chain have
been revoked by its issuing CA. |