You are here: Additional Resources > Custom SSL Certificates > Enable Connections with Smart Card or CAC Card

Enable Connections with Smart Card or CAC Card

Once the CAcert has been created for the smart card, CAC, or similar device, you must create corresponding Nessus users. During this process, the users created must match the CN used on the card that the user will use to connect.

  1. On the Nessus server, run the nessus-mkcert-client command.

  2. Fill in the fields as prompted. The process is identical on a Linux or Windows server. The user name must match the CN supplied by the certificate on the card.

    Tip: Client certificates are created in a randomized temporary directory appropriate to the system. The temporary directory will be identified on the line beginning with "Your client certificates are in". For the use of card authentication, these certificates are not needed and may be deleted.

Once created, a user with the proper card may access the Nessus server and authenticate automatically once their PIN or similar secret is provided.

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.