User guide
Copyright © 2014. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc.
8
# nessuscli fix --secure --set proxy_port=[port]
# nessuscli fix --secure --set proxy_userame=[user]
# nessuscli fix --secure --set proxy_password=[password]
Nessus Command Line Certificate Commands
The nessuscli mkcert commands offer the ability to create Nessus-supported self-signed digital certificates from the
command line.
Creating a Nessus Server Digital Certificate
To create a Nessus server digital certificate, run the commands and follow the prompts. Note that the defaults are in
brackets.
# /opt/nessus/sbin/nessuscli mkcert
-------------------------------------------------------------------------------
Creation of the Nessus SSL Certificate
-------------------------------------------------------------------------------
This script will now ask you for information to create the SSL certificate
for Nessus. Note that this information will *NOT* be sent to anybody
(everything stays local), but anyone with the ability to connect to
your Nessus daemon will be able to retrieve this information.
CA certificate life time in days [1460]: 1460
Server certificate life time in days [365]: 365
Your two letter country code [US]: US
Your state or province name [NY]: MD
Your city [New York]: Columbia
Your organization [Nessus Users United]: Tenable Network Security
This host name [localhost]: nessus-server
--- Confirmation ---
CA certificate life time in days: 1460
Server certificate life time in days: 365
Country: US
State or province: MD
City: Columbia
Organization: Tenable Network Security
This host name: nessus-server
Is this ok? (y/n) [n]: y
Congratulations. Your server certificate was properly created.
The following files were created :
Certification authority :
Certificate = /opt/nessus/com/nessus/CA/cacert.pem
Private key = /opt/nessus/var/nessus/CA/cakey.pem
Nessus Server :
Certificate = /opt/nessus/com/nessus/CA/servercert.pem
Private key = /opt/nessus/var/nessus/CA/serverkey.pem
For more details on configuring Nessus with custom SSL certificates, see the Nessus 6 User Guide.