Description
Prerequisites
- [x ] I read the Deployment and Setup section of the OpenBAS documentation as well as the Troubleshooting page and didn't find anything relevant to my problem.
- [x ] I went through old GitHub issues and couldn't find anything relevant
- [ x] I googled the issue and didn't find anything relevant
Description
I have added a signed certificate from our subordinate CA to openbas. I did it with this configuration
docker-compose.yml
volumes:
- "./certs:/certs"
- SERVER_SSL_ENABLED=${SERVER_SSL_ENABLED}
- SERVER_SSL_KEY-STORE-TYPE=${SERVER_SSL_KEY_STORE_TYPE}
- SERVER_SSL_KEY-STORE=${SERVER_SSL_KEY_STORE}
- SERVER_SSL_KEY-STORE-PASSWORD=${SERVER_SSL_KEY_STORE_PASSWORD}
- SERVER_SSL_KEY-ALIAS=${SERVER_SSL_KEY_ALIAS}
.env
SERVER_SSL_ENABLED=true
SERVER_SSL_KEY_STORE_TYPE=PKCS12
SERVER_SSL_KEY_STORE=/certs/cert.p12
SERVER_SSL_KEY_STORE_PASSWORD=admin
SERVER_SSL_KEY_ALIAS=1
I have changed atomic red team and mitre to
- OPENBAS_URL=https://openbas.domain.local:8080
but the atomic red team and mitre containers keep restarting. When I look at the logs I see
requests.exceptions.SSLError: HTTPSConnectionPool(host='openbas.domain.local', port=8080): Max retries exceeded with url: /api/collectors (Caused by SSLError(SSLEOFError(8, '[SSL: UNEXPECTED_EOF_WHILE_READING] EOF occurred in violation of protocol (_ssl.c:1000)')))
I think it is because the mitre and atomic red team don't understand the cert chain of my CA.
So it possible to get mitre and atomic red team to work with a cert from one of my CAs?
Environment
- OS (where OpenBAS server runs): { e.g. Mac OS 10, Windows 10, Ubuntu 16.4, etc. } Ubuntu 24.04
- OpenBAS version: { e.g. OpenBAS 1.0.2 } 1.7.0
- OpenBAS client: { e.g. frontend or python } frontend
- Other environment details: docker setup
Reproducible Steps
Steps to create the smallest reproducible scenario:
- Add certificate from a CA into your openbas environment
- Point Atomic Red Team and Mitre to the new https website