If I want to have data sent from my Palo Alto system using a certificate that we are using and provide a self signed certificate for us to use. Does Cribl.io support the use of mutual TLS?
Hi @msr1716, Yes Cribl Stream supports Mutual TLS authentication for Palo Alto Firewalls.
In your Palo/Panorama, import the certificate you wish to use for client authentication. Ensure you check the “Certificate for Secure Syslog” box.
In Cribl, you will need to import the CA signing certificate into the Cribl console. Navigate to the Worker Group’s settings and then to Security > Certificates in the left-hand menu.
Import the CA certificate Chain into the “CA Certificate box”. Import the appropriate Public/Private keypair you wish to also use. (If one is already import/not necessary, import a dummy key to bypass the validation).
On the source, copy and paste the path of the CA certificate just uploaded into the “CA certificate Path” box.
1 UpGoat
Yes, Cribl supports mutual TLS for those protocols that support it.
@bdalpe so I could upload a certificate chain that I get from a trusted source and use that as a root cert for mutual TLS?