Created on 03-02-2023 08:19 AM
Since I did the integration of an SSL certificate signed by a Microsoft ADCS certificate authority, I have SSL errors in the phoenix.log related to the phMonitorSupervisor. And in the Cloud Health section, the supervisor status is critical.
phMonitorSupervisor: [PH_HTTP_CLIENT_CURL_ERROR]:[eventSeverity]=PHL_ERROR,[procName]=phMonitorSupervisor,[fileName]=phHttpClient.cpp,[lineNumber]=882,[infoURL]=h_t_tps://*.*.*.*:443/phoenix/rest/sync/task?custId=1&agentId=1&time=1677772602,[phLogDetail]=curl error (60) Peer certificate cannot be authenticated with given CA certificates for method: GET
On the other hand, I have a valid certificate when I connect in the WEBUI of FortiSIEM.
The FortiSIEM documentation describes the procedure to add a signed certificate. But I have the impression that it is only for CA authorities like Entrust, etc.
So, should we add the root CA of ADCS to the OS certificates (Rocky Linux)?
Thanks for your help
Created on 03-09-2023 11:24 AM
I think in this instance it may be best to raise a support case.
You should not need to install it into any Rocky cert stores. A few things to double-check:
1 - certificate configuration
2 - DNS name and any alt names provided
3 - verify certificate validity
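The three checks listed in the reply above, run with openssl against a throwaway private CA, as an added example that is not part of the thread and not a FortiSIEM procedure. The host names, subjects and file names are constructed for the demo.

```shell
#!/bin/sh
# Added example: every name, subject and file here is constructed for the demo.

write_cnf() {   # $1 = path; minimal config so the demo does not rely on the system openssl.cnf
    cat > "$1" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF
}

make_ca() {     # $1 = dir, $2 = name; self-signed root standing in for a private CA
    openssl req -x509 -config "$1/demo.cnf" -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=Demo root $2" -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

issue_cert() {  # $1 = dir, $2 = CA name, $3 = DNS name for CN and subjectAltName
    openssl req -new -config "$1/demo.cnf" -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -keyout "$1/srv.key" -out "$1/srv.csr" 2>/dev/null
    printf 'subjectAltName = DNS:%s\n' "$3" > "$1/san.ext"
    openssl x509 -req -in "$1/srv.csr" -CA "$1/$2.pem" -CAkey "$1/$2.key" \
        -CAcreateserial -days 10 -extfile "$1/san.ext" -out "$1/srv.pem" 2>/dev/null
}

check_cert() {  # $1 = CA bundle, $2 = cert, $3 = host name, $4 = seconds it must stay valid
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1 || { echo untrusted-chain; return 1; }
    openssl x509 -in "$2" -noout -checkhost "$3" | grep -q 'does match' ||
        { echo name-mismatch; return 1; }
    openssl x509 -in "$2" -noout -checkend "${4:-0}" >/dev/null ||
        { echo expiring; return 1; }
    echo ok
}

demo() {
    d=$(mktemp -d) || return 1
    write_cnf "$d/demo.cnf"; make_ca "$d" issuing; make_ca "$d" unrelated
    issue_cert "$d" issuing siem.example.internal
    echo "issuing CA in bundle: $(check_cert "$d/issuing.pem" "$d/srv.pem" siem.example.internal)"
    echo "issuing CA missing:   $(check_cert "$d/unrelated.pem" "$d/srv.pem" siem.example.internal)"
    echo "wrong host name:      $(check_cert "$d/issuing.pem" "$d/srv.pem" other.example.internal)"
    echo "30-day validity:      $(check_cert "$d/issuing.pem" "$d/srv.pem" siem.example.internal 2592000)"
    rm -rf "$d"
}
demo
```

The second case is the condition that curl reports as error 60: the certificate itself is fine, but the CA bundle used by the client does not contain the issuing CA.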
Thanks for the reply
I will check with support. But I confirm that my certificate is valid, as is the DNS, and that I have followed the configuration guide.
Any outcome or news regarding using MS AD certs? I also opened a case with support and I will configure it next week.
Created on 03-09-2023 08:35 PM
I also want to implement an MSAD-signed cert, but I did not try it because I read that it seems not to be supported. I think the reason is that there is only one cert implemented for SSL, and it is used in many places, like connecting to the other FortiSIEM appliances such as Connectors and to external log sources like Azure and so on. Are you using this and is it still working in your case? Please let me know any news about the outcome of your "experience".