From 8f4460ba72440f5b42313832f4a2eedcd85a4d4b Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Sun, 1 Feb 2015 18:24:19 +0100 Subject: [PATCH] Minimal SSL certificate collector --- COLLECTOR.md | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 COLLECTOR.md diff --git a/COLLECTOR.md b/COLLECTOR.md new file mode 100644 index 0000000..da894b2 --- /dev/null +++ b/COLLECTOR.md @@ -0,0 +1,38 @@ + +Building your own SSL certificate collector +=========================================== + +In order to build your own collector box for SSL certificate, ssldump +is required. The best is clone my ssldump version including recent +patches and some fixes for tapping monitored uplinks. + +~~~~ +git clone https://github.com/adulau/ssldump.git +cd ssldump +./configure --with-pcap-lib=/usr/lib/x86_64-linux-gnu/ +~~~~ + +ssldump needs to be built *WITHOUT* OpenSSL support. We gather the raw +certificate extracted with ssldump directly. + +Starting collection +=================== + +To test the compiled ssldump binary: + +~~~~ +cd ssldump +sudo ./ssldump -ANn -i eth1 +~~~~ + +To test the parsing of the raw certificates: + +~~~~ +cd ssldump +sudo ./ssldump -ANn -i eth1 | python ../crl-monitor/bin/x509/pcal-sslcert.py -v +~~~~ + +Feeding the certificate store: + + +
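Review bot: the "Feeding the certificate store:" heading at the end of COLLECTOR.md has nothing under it (the hunk closes with two empty `+` lines), so the file ships with an unfinished section; either write the step or drop the heading until it exists. In the build section, the instructions stop at `./configure --with-pcap-lib=/usr/lib/x86_64-linux-gnu/` with no `make` step before `./ssldump` is run, and the sentence "ssldump needs to be built *WITHOUT* OpenSSL support" is not reflected in the configure line shown, so a reader cannot tell how to satisfy that requirement; state the option or environment that disables OpenSSL in this fork. The pcap library path is also architecture-specific and worth flagging as such. Finally, the parsing example `python ../crl-monitor/bin/x509/pcal-sslcert.py -v` assumes the crl-monitor checkout sits next to the ssldump directory; say so explicitly, since both commands are run as root via `sudo` and a wrong relative path will fail silently behind the pipe.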