: Server Certificate Validation
Focus
Focus

Server Certificate Validation

Table of Contents

Server Certificate Validation

These are the steps
Cortex Data Lake
takes to ensure that a log receiver has a valid certificate.
Cortex Data Lake
secures your log data by ensuring that the server you specify to receive your logs is trusted and legitimate.
When you configure syslog or HTTPS forwarding,
Cortex Data Lake
ensures that your log data arrives safely to its intended destination by verifying the certificate on the receiving server. For maximum security,
Cortex Data Lake
performs multiple validity checks:
Cortex Data Lake
checks...
to verify that...
Third-Party CA-Signed Certificates
The server has the full certificate chain. If the root CA is in the list of trusted CAs, you do not need to upload any CAs from the certificate chain. If the root CA is not in the list of trusted CAs, you need to upload the root CA to
Cortex Data Lake
.
OR
The server has the server certificate and one or more intermediate CAs. If the root CA is in the list of trusted CAs, you do not need to upload any CAs from the certificate chain. If the root CA is not in the list of trusted CAs, you need to upload the root CA to Cortex Data Lake.
OR
The server has only the server certificate. If the root CA is in the list of trusted CAs, then you need to upload only the intermediate CAs (one or multiple) to
Cortex Data Lake
. If the root CA is not in the list of trusted CAs, you need to upload the root CA and one or more intermediate CAs to
Cortex Data Lake
.
Private CA-Signed Certificates
The server has the full certificate chain, and only the root CA is uploaded to
Cortex Data Lake
.
OR
The server has the server certificate and one or more intermediate CAs, and the root CA is uploaded to
Cortex Data Lake
.
OR
The server has the server certificate only; the root CA and one or more intermediate CAs are uploaded to
Cortex Data Lake
.
Self-Signed Certificates
The certificate is installed on the server and uploaded to
Cortex Data Lake
.
Expiration
None of the certificates in the chain have expired.
Host Name Match
The value entered for the Syslog Server name matches the Subject Alternative Name (SAN) of the server certificate.
Revocation Status
None of the certificates in the chain have been revoked by its issuing CA.

Recommended For You