Recently Viewed Topics
Enable Connections with Smart Card or CAC Card
Once the CAcert has been created for the smart card, CAC, or similar device, you must create corresponding Nessus users. During this process, the users created must match the CN used on the card that the user will use to connect.
On the Nessus server, run the nessus-mkcert-client command.Linux
# /opt/nessus/sbin/nessuscli mkcert-clientWindows (Run as a local Administrator user):
C:\> cd C:\Program Files\Tenable\Nessus\
C:\Program Files\Tenable\Nessus> nessuscli.exe mkcert-client
Fill in the fields as prompted. The process is identical on a Linux or Windows server. The username must match the CN supplied by the certificate on the card.
Tip: Client certificates are created in a randomized temporary directory appropriate to the system. The temporary directory will be identified on the line beginning with "Your client certificates are in". For the use of card authentication, these certificates are not needed and may be deleted.
Once created, a user with the proper card may access the Nessus server and authenticate automatically once their PIN or similar secret is provided.