Certificates and Certificate Authorities

Tenable Nessus includes the following defaults:

  • The default Tenable Nessus SSL certificate and key, which consists of two files: servercert.pem and serverkey.pem.

  • A Tenable Nessus certificate authority (CA), which signs the default Tenable Nessus SSL certificate. The CA consists of two files: cacert.pem and cakey.pem.

However, you may want to upload your own certificates or CAs for advanced configurations or to resolve scanning issues. For more information, see:

Location of Certificate Files

Operating System

Directory

Linux

/opt/nessus/com/nessus/CA/servercert.pem

/opt/nessus/var/nessus/CA/serverkey.pem

/opt/nessus/com/nessus/CA/cacert.pem

/opt/nessus/var/nessus/CA/cacert.key

FreeBSD

/usr/local/nessus/com/nessus/CA/servercert.pem

/usr/local/nessus/var/nessus/CA/serverkey.pem

/usr/local/nessus/com/nessus/CA/cacert.pem

/usr/local/nessus/var/nessus/CA/cacert.key

Windows

C:\ProgramData\Tenable\Nessus\nessus\CA\servercert.pem

C:\ProgramData\Tenable\Nessus\nessus\CA\serverkey.pem

C:\ProgramData\Tenable\Nessus\nessus\CA\cacert.pem

C:\ProgramData\Tenable\Nessus\nessus\CA\cacert.key

macOS

/Library/Nessus/run/com/nessus/CA/servercert.pem

/Library/Nessus/run/var/nessus/CA/serverkey.pem

/Library/Nessus/run/com/nessus/CA/cacert.pem

/Library/Nessus/run/var/nessus/CA/cacert.key