Certificates and Certificate Authorities
Tenable Nessus includes the following defaults:
The default Tenable Nessus SSL certificate and key, which consists of two files: servercert.pem and serverkey.pem.
- A Tenable Nessus certificate authority (CA), which signs the default Tenable Nessus SSL certificate. The CA consists of two files: cacert.pem and cakey.pem.
However, you may want to upload your own certificates or CAs for advanced configurations or to resolve scanning issues. For more information, see:
- Custom SSL Server Certificates — View an overview of Tenable Nessus SSL server certificates and troubleshoot common certificate problems.
- Create a New Server Certificate and CA Certificate — If you do not have your own custom CA and server certificate, you can use Tenable Nessus to create a new server certificate and CA certificate.
- Upload a Custom Server Certificate and CA Certificate — Replace the default certificate that ships with Tenable Nessus.
- Create SSL Client Certificates for Login — Create an SSL client certificate to log in to Tenable Nessus instead of using a username and password.
- Trust a Custom CA — Add a custom root CA to the list of CAs that Tenable Nessus trusts.
- Tenable Nessus Manager Certificates and Tenable Nessus Agent — Understand the certificate chain between Tenable Nessus Manager and Tenable Nessus Agents and troubleshoot issues.