Manualshelf

Specifications

ManualsBrandsRed Hat ManualsOtherCERTIFICATE SYSTEM 6.0 - MIGRATION GUIDE
71727374757677787980
Copyright © 2015. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc.
71
Your country (two letter code) [US]:
Your state or province name [NY]: MD
Your location (e.g. town) [New York]: Columbia
Your organization []: Content
Your organizational unit []: Tenable
**********
We are going to ask you some question for each client certificate
If some question have a default answer, you can force an empty answer by entering a
single dot '.'
*********
User #1 name (e.g. Nessus username) []: squirrel
Should this user be administrator? [n]: y
Country (two letter code) [US]:
State or province name [MD]:
Location (e.g. town) [Columbia]:
Organization [Content]:
Organizational unit [Tenable]:
e-mail []:
User rules
----------
nessusd has a rules system which allows you to restrict the hosts that firstuser has
the right to test. For instance, you may want him to be able to scan his own
host only.
Enter the rules for this user, and enter a BLANK LINE once you are done:
(the user can have an empty rules set)
User added to Nessus.
Another client certificate? [n]:
Your client certificates are in C:\Users\admin\AppData\Local\Temp\nessus-0000040e
You will have to copy them by hand
The client certificates will be placed in the temporary directory in Nessus: /opt/nessus/var/nessus/tmp/
in Linux, /Library/Nessus/run/var/nessus/tmp/ in Mac OS X, and
C:\programdata\tenable\nessus\tmp in Windows.
Windows installations of Nessus do not come with “man” pages (local manual instructions). Consult the
Tenable Support Portal for additional details on commonly used Nessus executables.
3. There will be two files created in the temporary directory, for example, cert_squirrel.pem and
key_squirrel.pem (where “squirrel” is the hostname of the system used in this example). These files must be
combined and exported into a format that may be imported into the web browser such as .pfx. This may be
accomplished with the openssl program and the following command:
# openssl pkcs12 -export -out combined_squirrel.pfx -inkey key_squirrel.pem -in
cert_squirrel.pem -chain -CAfile /opt/nessus/com/nessus/CA/cacert.pem -passout
pass: 'SecretWord' -name 'Nessus User Certificate for: squirrel'
The resulting file combined_squirrel.pfx will be created in the directory from which the command is
launched. This file must then be imported into the web browser’s personal certificate store.