You are here: Nessus Manager and Professional > Certificate Commands > Create a Nessus Server Digital Certificate

Create a Nessus Server Digital Certificate

To create a Nessus server digital certificate, run the commands and follow the prompts. Note that the defaults are in brackets.

# /opt/nessus/sbin/nessuscli mkcert

 

-------------------------------------------------------------------------------

Creation of the Nessus SSL Certificate

-------------------------------------------------------------------------------

 

This script will now ask you for information to create the SSL certificate

for Nessus. Note that this information will *NOT* be sent to anybody

(everything stays local), but anyone with the ability to connect to

your Nessus daemon will be able to retrieve this information.

 

CA certificate life time in days [1460]: 1460

Server certificate life time in days [365]: 365

Your two letter country code [US]: US

Your state or province name [NY]: MD

Your city [New York]: Columbia

Your organization [Nessus Users United]: Tenable Network Security

This host name [localhost]: nessus-server

 

--- Confirmation ---

CA certificate life time in days: 1460

Server certificate life time in days: 365

Country: US

State or province: MD

City: Columbia

Organization: Tenable Network Security

This host name: nessus-server

Is this ok? (y/n) [n]: y

 

Congratulations. Your server certificate was properly created.

 

The following files were created :

Certification authority :

Certificate = /opt/nessus/com/nessus/CA/cacert.pem

Private key = /opt/nessus/var/nessus/CA/cakey.pem

Nessus Server :

Certificate = /opt/nessus/com/nessus/CA/servercert.pem

Private key = /opt/nessus/var/nessus/CA/serverkey.pem

For more details on configuring Nessus with custom SSL certificates, see the latest Nessus user guide.

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.