You are here: Nessus Manager and Professional > Certificate Commands > Create a Nessus Client-Side Digital Certificate

Create a Nessus Client-Side Digital Certificate

To create a Nessus client digital certificate, run the commands and follow the prompts. Note that the defaults are in brackets.

# /opt/nessus/sbin/nessuscli nessuscli mkcert-client

 

-------------------------------------------------------------------------------

Creation of the Nessus SSL Client Certificates

-------------------------------------------------------------------------------

 

This script will now ask you for information to create SSL client certificates.

 

Nessus username for user: admin

admin already exists. Do you want to overwrite their credentials? (y/n) [n]: y

Client certificate life time in days [365]:

Two letter country code [US]: US

State or province name [NY]: MD

City [New York]: Columbia

Organization [Nessus Users United]: Tenable Network Security

Organizational unit [nessus-users]: nessus-admins

Email [none@none.com]: nessus-admin@example.org

 

--- Confirmation ---

Username: admin

Client certificate life time in days: 365

Country: US

State or province: MD

City: Columbia

Organization: Tenable Network Security

Organizational unit: nessus-admins

Email: nessus-admin@example.org

Is this ok? (y/n) [n]: y

 

Congratulations. Your client certificate was properly created.

 

The following files were created :

Nessus Client :

Certificate = /Library/Nessus/run/var/nessus/tmp/cert_admin.pem

Private key = /Library/Nessus/run/var/nessus/tmp/key_admin.pem

 

The certificate was successfully set for admin.

 

Create another cert? (y/n) [y]: n

Note: If the user already has credentials, such as a password, this script will overwrite any previous credentials. Also, updating the password of the account will remove the client certificate for authentication.

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.