Installing a CA Signed SSL Certificate in SourceFire Defense Center 6.0

I don’t know about you, but self-signed certificates seem to trigger my IT OCD. When possible, I like to replace self-signed certs with ones signed by our Active Directory CA. Here are the steps involved to replace the self-signed certificate on Cisco’s FirePOWER Management Center/SourceFire Defense Center with one signed by your internal Active Directory Certificate Authority.

  • In Defense Center, go to System -> Configuration -> HTTPS Certificate
  • Click “Generate New CSR”


  • Fill out the Certificate Signing Request information, paying attention to the common name field. The common name should match the address you use to access Defense Center, e.g., defensecenter.domain.org


  • Click Generate, and copy/paste the certificate request output into Notepad


  • Next, navigate to your Certificate Services website and click “Request a Certificate”


  • Click “Submit an advanced certificate request”


  • Under “Saved Request,” paste your certificate request output from earlier and select the Web Server certificate template. Click Submit


  • Download your newly generated certificate (Base64 encoded) and open it with your text editor of choice


  • Copy the output of your cert and go back to Defense Center. Navigate to System -> Configuration -> HTTPS Certificate
  • Click Import HTTPS Certificate and paste your certificate information into “Server Certificate”


  • Click “Save” and you should now see your new certificate installed.
  • Reload Defense Center and you should now trust the web server (assuming of course you trust the root CA)


Using the Built in TFTP Server on OS X El Capitan

On Windows I love the lightweight and open source TFTPD32, but there may come a time when you find yourself needing to transfer some files and all you have is your trusty Mac.

Luckily there’s a built-in tftp daemon that you can use in a pinch.

By default tftpd uses the following folder:

/private/tftpboot

which is hidden in Finder, but can be accessed by using “Go to Folder” or hitting Command+Shift+G and entering /private/tftpboot


To launch the daemon run the following commands:

sudo launchctl load -F /System/Library/LaunchDaemons/tftp.plist
sudo launchctl start com.apple.tftpd

Be sure Read/Write/eXecute permissions are set on the tftpboot folder and any files you wish to transfer:

sudo chmod 777 /private/tftpboot
sudo chmod 777 /private/tftpboot/*

If you’ll be transferring a file TO your TFTP server, the file will technically need to exist on the server beforehand, so create it with touch. For example:

sudo touch /private/tftpboot/running-config
sudo chmod 777 /private/tftpboot/running-config

If you’d like a graphical front end for launching tftp then check out the great TftpServer.


Now go ahead and get transferring.
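
The chmod 777 steps above open the whole folder to everyone, and TFTP has no authentication, so anything left world-writable while the daemon is loaded can be overwritten by any host that can reach the Mac. The script below is an added example, not part of the original post: it opens only the one file being transferred and closes everything again afterwards. The function names and the TFTP_ROOT override are assumptions for illustration, and it relies on BSD tftpd writing only to files that already exist and are publicly writable.

```shell
#!/usr/bin/env bash
# Added example: limit a macOS TFTP session to one file and clean up afterwards.
# Run as root. TFTP_ROOT defaults to the folder used above; the override and
# all function names are illustrative assumptions.
TFTP_ROOT="${TFTP_ROOT:-/private/tftpboot}"
TFTP_PLIST="/System/Library/LaunchDaemons/tftp.plist"

# Accept only a bare file name: no path separators, no "." or "..".
valid_name() {
  case "$1" in
    ""|.|..|*/*) echo "bad file name: $1" >&2; return 1 ;;
  esac
}

# Upload target: tftpd writes only to files that already exist and are
# publicly writable, so create it and open that one file (no execute bit).
stage_upload() {
  valid_name "$1" || return 1
  touch "$TFTP_ROOT/$1" && chmod 666 "$TFTP_ROOT/$1"
}

# Download source: must exist and be world-readable; others cannot write it.
stage_download() {
  valid_name "$1" || return 1
  [ -f "$TFTP_ROOT/$1" ] && chmod 644 "$TFTP_ROOT/$1"
}

# After the transfer, remove group/other access from every file in the root.
lock_down() {
  find "$TFTP_ROOT" -type f -exec chmod 600 {} +
}

# Type and permission bits as shown by ls, e.g. "-rw-rw-rw-".
mode_of() { ls -ld "$1" | cut -c1-10; }

start_tftpd() { launchctl load -F "$TFTP_PLIST" && launchctl start com.apple.tftpd; }
stop_tftpd()  { launchctl unload -F "$TFTP_PLIST"; }

# Direct use: sudo ./tftp-session.sh upload running-config   (then: ... done)
case "${1:-}" in
  upload)   stage_upload "$2" && start_tftpd ;;
  download) stage_download "$2" && start_tftpd ;;
  done)     stop_tftpd; lock_down ;;
esac
```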


USB Serial Console Cable on OS X

Recently picked up a new USB cable for connecting to my network devices and needed a refresher on connecting to the console.

After installing device drivers (if necessary) and connecting the cable to your Mac, open up a terminal and list the contents of your dev directory, filtering for devices with usb in their name.

ls /dev/*usb*

Find the proper tty device and use screen to open a connection on the port. You can specify the speed of 9600, but screen will use that value by default.

screen /dev/tty.usbmodem1421 9600


You should now find yourself on the console of your network device. To quit screen hold control-a and then hit \
