TOC & Recently Viewed

Recently Viewed Topics

Create a Custom CA and Server Certificate

To create a custom CA and server certificate:

  1. (Optional) Create a new custom CA and server certificate for the Industrial Security server using the industrial-security-make-cert command. This places the certificates in the correct directories.

  2. When prompted for the host name, type the DNS name or IP address of the server in the browser (eg., https://hostname:8837/ or https://ipaddress:8837/). The default certificate uses the host name.
  3. If you wish to use a CA certificate instead of the Industrial Security generated one, make a copy of the self-signed CA certificate using the appropriate command for your OS:

    Operating System



    # cp /opt/industrial-security/var/industrial-security/ssl/cacert.pem /opt/industrial-security/var/industrial-security/ssl/ORIGcacert.pem


    copy \ProgramData\Tenable\industrial-security\industrial-security\ssl\cacert.pem C:\ProgramData\Tenable\industrial-security\industrial-security\ssl\ORIGcacert.pem

  4. If the authentication certificates are created by a CA other than the Industrial Security server, the CA certificate must be installed on the Industrial Security server. Copy the organization's CA certificate to the appropriate location for your OS:

    Operating System

    File Location





  5. Once the CA is in place, restart the Industrial Security services.

    After Industrial Security is configured with the proper CA certificate(s), users may log in to Industrial Security using SSL client certificates.

Copyright © 2020 Tenable, Inc. All rights reserved. Tenable,, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.., Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.