Security Warnings

By default, Tenable Nessus is installed and managed using HTTPS and SSL uses port 8834. The default installation of Tenable Nessus uses a self-signed SSL certificate.

During the web-based portion of the Tenable Nessus installation, the following message regarding SSL appears:

You are likely to get a security alert from your browser saying that the SSL certificate is invalid. You may either choose to accept the risk temporarily, or you can obtain a valid SSL certificate from a registrar.

This information refers to a security-related message you encounter when accessing the Tenable Nessus user interface (https://[server IP]:8834).

Example Security Warning

  • A connection privacy problem
  • An untrusted site
  • An unsecure connection

Because Tenable Nessus is providing a self-signed SSL certificate, this is normal behavior.

Bypassing SSL Warnings

Based on the browser you are using, use the following steps to proceed to the Tenable Nessus login page.

Browser Instructions

Google Chrome and Microsoft Edge

Select Advanced, and then Proceed to (unsafe).

Note: Some instances of Google Chrome and Microsoft Edge do not allow you to proceed. If this happens, Tenable recommends using a different browser, such as Safari or Mozilla Firefox.

Mozilla Firefox

Select I Understand the Risks, and then select Add Exception.

Next select Get Certificate, and finally select Confirm Security Exception.