I configured Thehive/MISP/Cortex/Elasticsearch architecture. These different tools are installed in LXC containers. I then have access to the servers via client VMs.
Everything works very well, the question that I ask myself now is the security of these tools.
So I chose to start with SSL/TLS from Cortex and TheHive.
In both cases, I saw that it was necessary to configure a reverse proxy. I did this and it works, I have access to Cortex address https://192.168.x.x.
On the other hand, I still have access via the client at the address http://192.168.1.x.x:9001. So I disabled port 9001 in the firewall.
Then on the side of TheHive, I indicated the new Cortex address: https ... But it no longer works, what should I configure?
EDIT : with this line in applicant.conf of thehive : wsConfig.ssl.loose.acceptAnyCertificate
Hello,
I configured Thehive/MISP/Cortex/Elasticsearch architecture. These different tools are installed in LXC containers. I then have access to the servers via client VMs.
Everything works very well, the question that I ask myself now is the security of these tools.
So I chose to start with SSL/TLS from Cortex and TheHive. In both cases, I saw that it was necessary to configure a reverse proxy. I did this and it works, I have access to Cortex address https://192.168.x.x. On the other hand, I still have access via the client at the address http://192.168.1.x.x:9001. So I disabled port 9001 in the firewall.
Then on the side of TheHive, I indicated the new Cortex address: https ... But it no longer works, what should I configure?
EDIT : with this line in applicant.conf of thehive : wsConfig.ssl.loose.acceptAnyCertificate