Certificates and Certificate Authorities
Nessus includes the following defaults:
-
The default Nessus SSL certificate and key, which consists of two files: servercert.pem and serverkey.pem.
- A Nessus certificate authority (CA), which signs the default Nessus SSL certificate. The CA consists of two files: cacert.pem and cakey.pem.
However, you may want to upload your own certificates or CAs for advanced configurations or to resolve scanning issues. For more information, see:
- Custom SSL Server Certificates — View an overview of Nessus SSL server certificates and troubleshoot common certificate problems.
- Create a New Server Certificate and CA Certificate — If you do not have your own custom CA and server certificate, you can use Nessus to create a new server certificate and CA certificate.
- Upload a Custom Server Certificate and CA Certificate — Replace the default certificate that ships with Nessus.
- Create SSL Client Certificates for Login — Create an SSL client certificate to log in to Nessus instead of using a username and password.
- Trust a Custom CA — Add a custom root CA to the list of CAs that Nessus trusts.
- Nessus Manager Certificates and Nessus Agent — Understand the certificate chain between Nessus Manager and Nessus Agents and troubleshoot issues.
|
Operating System |
Directory |
|---|---|
|
Linux |
/opt/nessus/com/nessus/CA/servercert.pem /opt/nessus/var/nessus/CA/serverkey.pem /opt/nessus/com/nessus/CA/cacert.pem /opt/nessus/var/nessus/CA/cacert.key |
|
FreeBSD |
/usr/local/nessus/com/nessus/CA/servercert.pem /usr/local/nessus/var/nessus/CA/serverkey.pem /usr/local/nessus/com/nessus/CA/cacert.pem /usr/local/nessus/var/nessus/CA/cacert.key |
|
Windows |
C:\ProgramData\Tenable\Nessus\nessus\CA\servercert.pem C:\ProgramData\Tenable\Nessus\nessus\CA\serverkey.pem C:\ProgramData\Tenable\Nessus\nessus\CA\cacert.pem C:\ProgramData\Tenable\Nessus\nessus\CA\cacert.key |
|
macOS |
/Library/Nessus/run/com/nessus/CA/servercert.pem /Library/Nessus/run/var/nessus/CA/serverkey.pem /Library/Nessus/run/com/nessus/CA/cacert.pem /Library/Nessus/run/var/nessus/CA/cacert.key |