topic Re: Firepower FMC/FTD and Elastic in Network Security

Firepower FMC/FTD and Elastic

Eric R. Jones — Mon, 23 Nov 2020 03:02:04 GMT

We have just deployed our FMC/FTD on 6.6.1 and have A10 sending our logs to Elastic. We have the logs going to the server via UDP but would like to use TLS per our requirements. I know I need certs from a CA and those certs must be the signed by the same CA on both ends of the connection.

Do I need to use the certs that exist on the Elastic server, the ones I pull for the FMC/FTD or does it matter as long as they are signed by a CA and are PKCS12?

Re: Firepower FMC/FTD and Elastic

Mohammed al Baqari — Mon, 23 Nov 2020 05:56:28 GMT

It doesn't matter as long as you have the right CA sequence installed.

**** please remember to rate useful posts

Re: Firepower FMC/FTD and Elastic

Eric R. Jones — Tue, 24 Nov 2020 00:00:31 GMT

I've been looking for the proper CLI method to import the CA.

I should upload or copy paste the cert info into a file on the FTD then run "openssl pkcs## -info -in "filename"" ?

I find plenty of examples of how to do this using FDM but we have FMC managing our HA FTD's and version 6.6.1 doesn't upload certs to the FTD according to the admin guide.