TOC & Recently Viewed

Recently Viewed Topics

Create a Nessus Client-Side Digital Certificate

To create a Nessus client digital certificate, run the commands and follow the prompts. Note that the defaults are in brackets.

# /opt/nessus/sbin/nessuscli nessuscli mkcert-client



Creation of the Nessus SSL Client Certificates



This script will now ask you for information to create SSL client certificates.


Nessus username for user: admin

admin already exists. Do you want to overwrite their credentials? (y/n) [n]: y

Client certificate life time in days [365]:

Two letter country code [US]: US

State or province name [NY]: MD

City [New York]: Columbia

Organization [Nessus Users United]: Tenable Network Security

Organizational unit [nessus-users]: nessus-admins

Email []:


--- Confirmation ---

Username: admin

Client certificate life time in days: 365

Country: US

State or province: MD

City: Columbia

Organization: Tenable Network Security

Organizational unit: nessus-admins


Is this ok? (y/n) [n]: y


Congratulations. Your client certificate was properly created.


The following files were created :

Nessus Client :

Certificate = /Library/Nessus/run/var/nessus/tmp/cert_admin.pem

Private key = /Library/Nessus/run/var/nessus/tmp/key_admin.pem


The certificate was successfully set for admin.


Create another cert? (y/n) [y]: n

Note: If the user already has credentials, such as a password, this script will overwrite any previous credentials. Also, updating the password of the account will remove the client certificate for authentication.

Copyright 2017 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.  Tenable,, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc.  All other products or services are trademarks of their respective owners.