:tocdepth: 3

policy/protocols/ssl/validate-certs.bro
=======================================
.. bro:namespace:: SSL

Perform full certificate chain validation for SSL certificates.

:Namespace: SSL
:Imports: :doc:`base/frameworks/notice </scripts/base/frameworks/notice/index>`, :doc:`base/protocols/ssl </scripts/base/protocols/ssl/index>`
:Source File: :download:`/scripts/policy/protocols/ssl/validate-certs.bro`

Summary
~~~~~~~
State Variables
###############
=============================================================================================================================================== ==================================================================
:bro:id:`SSL::recently_validated_certs`: :bro:type:`table` :bro:attr:`&read_expire` = ``5.0 mins`` :bro:attr:`&synchronized` :bro:attr:`&redef` MD5 hash values for recently validated chains along with the
                                                                                                                                                validation status message are kept in this table to avoid constant
                                                                                                                                                validation every time the same certificate chain is seen.
=============================================================================================================================================== ==================================================================

Redefinitions
#############
========================================== =
:bro:type:`Notice::Type`: :bro:type:`enum` 
:bro:type:`SSL::Info`: :bro:type:`record`  
========================================== =


Detailed Interface
~~~~~~~~~~~~~~~~~~
State Variables
###############
.. bro:id:: SSL::recently_validated_certs

   :Type: :bro:type:`table` [:bro:type:`string`] of :bro:type:`string`
   :Attributes: :bro:attr:`&read_expire` = ``5.0 mins`` :bro:attr:`&synchronized` :bro:attr:`&redef`
   :Default: ``{}``

   MD5 hash values for recently validated chains along with the
   validation status message are kept in this table to avoid constant
   validation every time the same certificate chain is seen.


