Jump to content

Keycroc doesn't trust C2 self signet certificate CA


eVill
 Share

Recommended Posts

I have set up C2 server and created a self.signed certificate as in this guide:

https://docs.hak5.org/hc/en-us/articles/360049664554-Cloud-C2-setup-with-self-signed-SSL-certificates

If have also copied cert.crt to my Keycroc and to file /etc/ssl/cert.pem (as in the guide above). But my Keycroc is not able to form a connection to C2 server. TLS-handshake failure: "Unknown CA".

I also have SharkJack connected to the same server (with same settings) and there is no problem with that one.

 

Link to comment
Share on other sites

Posted (edited)

Try the following on the Croc:

apt update
apt install p11-kit

trust anchor /etc/ssl/certs/cert.crt

If getting an error like "no configured writable location to store anchors", then import the cert manually by copying the certificate (crt) file to /usr/local/share/ca-certificates

Then execute:
update-ca-certificates

The Croc should show in C2 without need of doing any additional actions (such as reboot, etc.)

 

Edited by chrizree
  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...