Encrypting and Decrypting logs
To encrypt logs
-
Navigate to Core > Config > Add New > LogEncryption.
Add the certificate for encryption. -
Save and apply the config to the devices.
The client logs are encrypted with the given certificate.
Decrypting logs
To decrypt logs:
Prerequisite:
Ensure OpenSSL is installed.
Procedure
-
Run the following command in terminal
Openssl version LibreSSL 2.8.3
openssl smime -decrypt -in logs-encrypted.pc7 -inform DER -inkey privatekey.p12 -recip c.crt -out decrypted_file.zip -
Enter pass phrase for privatekey.p12: <enter the password here to decrypt if any>
-decrypt: This option tells OpenSSL that you want to decrypt a file.
-in logs-encrypted.pc7: Specifies the input encrypted file.
-inform DER: Specifies the input format of the encrypted file (DER format).
-inkey privatekey.p12: Specifies the private key file to use for decryption.
-recip c.crt : Specifies the recipient's certificate file.
-out decrypted_file.zip: Specifies the output file where the decrypted content is available.