By default, Nessus is installed and managed using HTTPS and SSL uses port 8834. The default installation of Nessus uses a self-signed SSL certificate.
During the web-based portion of the Nessus installation, the following message regarding SSL appears:
You are likely to get a security alert from your web browser saying that the SSL certificate is invalid. You may either choose to temporarily accept the risk, or you can obtain a valid SSL certificate from a registrar.
This information refers to a security related message you encounter when accessing the Nessus UI (https://[server IP]:8834).
Example Security Warning
- a connection privacy problem
- an untrusted site
- an unsecure connection
Because Nessus is providing a self-signed SSL certificate, this is expected and normal behavior.
Bypassing SSL warnings
Based on the browser you are using, use the steps below to proceed to the Nessus login page.
Select Advanced, and then Proceed to example.com (unsafe).
Select I Understand the Risks, and then select Add Exception.
Next select Get Certificate, and finally select Confirm Security Exception.