Installation guide

ManualsBrandsAbit ManualsComputer equipmentLicense Scanner

101

102

103

104

105

106

107

108

109

110

104

C:\Program

Files\Tenable\Nessus\

nessus\CA\servercert.

pem

This is the public

certificate for the Nessus

server that is sent in

response to a CSR.

C:\Program Files\Tenable\Nessus\nessus\CA\

on any additional Nessus servers that need to

authenticate using SSL.

C:\Program

Files\Tenable\Nessus\

nessus\CA\cakey.pem

This is the private key of

the Certificate Authority. It

may or may not be

provided by the Certificate

Authority, depending on if

they allow the creation of

sub users.

C:\Program Files\Tenable\Nessus\nessus\CA\

on any additional Nessus servers that need to

authenticate using SSL.

C:\Program

Files\Tenable\Nessus\

nessus\CA\serverkey.p

This is the private key of

the Nessus server.

C:\Program Files\Tenable\Nessus\nessus\CA\

on any additional Nessus servers that need to

authenticate using SSL.

Nessus Client Keys

The Nessus user, which in this case is the user ID that SecurityCenter uses to communicate with the Nessus server, is

created by the nessus-mkcert-client.exe executable located in C:\Program Files\Tenable\Nessus.

This command creates the keys for the Nessus clients and optionally registers them appropriately with the Nessus server

by associating a distinguished name (dname) with the user ID. It is important to respond “y” (yes) when prompted to

register the user with the Nessus server for this to take effect. The user name may vary and is referred to here as “user”.

The certificate filename will be a concatenation of “cert_”, the user name you entered and “.pem”. Additionally, the key

filename will be a concatenation of “key_”, the user name you entered and “.pem”.

The following files are created by this command:

File Name Created

Purpose

C:\Documents and

Settings\<UserAccount>\Local

Settings\Temp\nessus-

xxxxxxxx\cert_<user>.pem

This is the public certificate for the specified user.

C:\Documents and

Settings\<UserAccount>\Local

Settings\Temp\nessus-

xxxxxxxx\key_<user>.pem

This is the private key for the specified user.

C:\Program

Files\Tenable\Nessus\nessus\

users\<user_name>\auth\dname

This is the distinguished name to be associated with this user. The

distinguished name consists of a number of fields separated by commas in the

following format:

"/C={country}/ST={state}/L={location}/OU={organizational

unit}/O={organization/CN={common name}"

Creating and Deploying SSL Authentication for Nessus

Create Keys and User on Nessus Server

Create the Certificate Authority and Nessus server certificate using the nessus-mkcert.exe executable located in

C:\Program Files\Tenable\Nessus as follows: