Installation guide

ManualsBrandsAbit ManualsComputer equipmentLicense Scanner

101

102

103

104

105

106

107

108

109

110

101

# /opt/nessus/sbin/nessus-mkcert-client

Do you want to register the users in the Nessus server

as soon as you create their certificates ? [n]: y

--------------------------------------------------------------------------

Creation Nessus SSL client Certificate

--------------------------------------------------------------------------

This script will now ask you the relevant information to create the SSL

client certificates for Nessus.

Client certificate life time in days [365]:

Your country (two letter code) [FR]: US

Your state or province name []: MD

Your location (e.g. town) [Paris]: Columbia

Your organization []: Tenable Network Security

Your organizational unit []:

**********

We are going to ask you some question for each client certificate

If some question have a default answer, you can force an empty answer by

entering a single dot '.'

*********

User #1 name (e.g. Nessus username) []: paul

User paul already exists

Do you want to go on and overwrite the credentials? [y]: y

Should this user be administrator? [n]: y

Country (two letter code) [US]:

State or province name [MD]:

Location (e.g. town) [Columbia]:

Organization [Tenable Network Security]:

Organizational unit []:

e-mail []:

User rules

----------

nessusd has a rules system which allows you to restrict the hosts

that $login has the right to test. For instance, you may want

him to be able to scan his own host only.

Please see the nessus-adduser(8) man page for the rules syntax

Enter the rules for this user, and enter a BLANK LINE once you are done:

(the user can have an empty rules set)

User added to Nessus.

Another client certificate? [n]: n

Your client certificates are in /tmp/nessus-043c22b5

You will have to copy them by hand

The certificates created contain the username entered previously, in this case “paul”, and are located in the directory as

listed in the example above (e.g., /tmp/nessus-043c22b5).

Create the nessuscert.pem Key

In the above specified tmp directory, the certificate and key files in this example are named “cert_paul.pem” and

“key_paul.pem”. These files must be concatenated to create nessuscert.pem as follows: