The security/certspotter port

certspotter-0.18.0 – Certificate Transparency log monitor (cvsweb github mirror)

Description

Cert Spotter is a Certificate Transparency log monitor from SSLMate that alerts
you when an SSL/TLS certificate is issued for one of your domains.
Cert Spotter is easier to use than other open source CT monitors, since it does
not require a database. It's also more robust, since it uses a special
certificate parser that ensures it won't miss certificates.

You can use Cert Spotter to detect:

- Certificates issued to attackers who have compromised your DNS
  and are redirecting your visitors to their malicious site.
- Certificates issued to attackers who have taken over an abandoned
  sub-domain in order to serve malware under your name.
- Certificates issued to attackers who have compromised a certificate
  authority and want to impersonate your site.
- Certificates issued in violation of your corporate policy or outside
  of your centralized certificate procurement process.

N.B. Cert Spotter fetches the entire set of CT logs, using a large
amount of bandwidth while doing so, possibly for a week or more.

WWW: https://github.com/SSLMate/certspotter

Readme

+-------------------------------------------------------------------------------
| Running ${PKGSTEM} on OpenBSD
+-------------------------------------------------------------------------------

Create a watch list file ${LOCALSTATEDIR}/certspotter/.certspotter/watchlist
containing the DNS names you want to monitor, one per line. To monitor an
entire domain tree (including the domain itself and all sub-domains) prefix the
domain name with a dot (e.g. .example.com). To monitor a single DNS name only,
do not prefix the name with a dot.
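
The dot-prefix rule above, as an added example (not part of the port's README and not certspotter's own matcher): a simplified shell model for checking which names a watch list would cover before deploying it. The function name, the sample watch list and the sample names are constructed; lower-casing and stripping a trailing dot are assumptions, and wildcard certificate names are not modelled.

```shell
#!/bin/sh
# Simplified model of the watch list rules described in the README.
# Hypothetical helper, not certspotter code.

# watchlist_match WATCHLIST_FILE DNS_NAME
# Prints the first watch list entry covering DNS_NAME and returns 0,
# otherwise prints nothing and returns 1.
watchlist_match() {
    _wl=$1
    # Assumption: DNS names compare case-insensitively, trailing dot ignored.
    _name=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')
    _name=${_name%.}
    while IFS= read -r _entry || [ -n "$_entry" ]; do
        _entry=$(printf '%s' "$_entry" | tr -d ' \t\r' | tr '[:upper:]' '[:lower:]')
        if [ -z "$_entry" ]; then continue; fi
        case $_entry in
            .*) # Domain tree: the domain itself and every sub-domain.
                _base=${_entry#.}
                case $_name in
                    # The "." before $_base is the label boundary; without it
                    # badexample.com would wrongly match .example.com.
                    "$_base"|*".$_base") printf '%s\n' "$_entry"; return 0 ;;
                esac ;;
            *)  # Single DNS name: exact match only.
                if [ "$_name" = "$_entry" ]; then
                    printf '%s\n' "$_entry"; return 0
                fi ;;
        esac
    done < "$_wl"
    return 1
}

# Constructed sample data: a two-line watch list and candidate names.
demo() {
    wl=$(mktemp) || return 1
    printf '%s\n' '.example.com' 'www.example.org' > "$wl"
    for n in example.com shop.example.com badexample.com \
             www.example.org mail.example.org; do
        if hit=$(watchlist_match "$wl" "$n"); then
            echo "ALERT  $n (watch item: $hit)"
        else
            echo "ignore $n"
        fi
    done
    rm -f "$wl"
}
demo
```
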

Place one or more email addresses in the
${LOCALSTATEDIR}/certspotter/.certspotter/email_recipients file
(one per line), and/or place one or more executable scripts in the
${LOCALSTATEDIR}/certspotter/.certspotter/hooks.d directory. certspotter
will email the listed addresses (requires your system to have a working
sendmail command) and execute the provided scripts when it detects a
certificate for a domain on your watch list. These files are kept in a
.certspotter directory to ensure compatibility with the non-daemonized
version.

Maintainer

Renaud Allard

Only for arches

aarch64 amd64 mips64 riscv64

Categories

lang/go security
