TOC & Recently Viewed

Recently Viewed Topics

Upgrade SecurityCenter

Note: This topic assumes a basic understanding of Linux.

Caution: During the upgrade process, SecurityCenter produces a log file in a temporary location: /tmp/sc.install.log. Once the installation process finishes, the file is stored here: /opt/sc/admin/logs/install.log. Do not remove or modify these files; they are important for debugging in case of a failed upgrade.

For information about new features, resolved issues, third-party product updates, and supported upgrade paths, see the release notes for SecurityCenter 5.8.x.

To upgrade to SecurityCenter 5.8.x:

  1. Download the new RPM from the Tenable Support Portal to your SecurityCenter server.
  2. Confirm that no scans are in progress. If necessary, manually pause scans (you can resume them after the update).
  3. Prepare the upgrade command you intend to run:

    • Use rpm with the “-Uvh” switches from the command-line of the SecurityCenter server.
    • Use “sudo -i” when performing sudo upgrades of SecurityCenter to ensure the proper use of environmental variables.

    For example:

    # rpm -Uvh SecurityCenter-x.x.x-el6.x86_64.rpm

    - or -

    # rpm -Uvh SecurityCenter-x.x.x-el7.x86_64.rpm

    The upgrade begins. SecurityCenter is not available until the upgrade finishes.

    # rpm -Uvh SecurityCenter-x.x.x-el6.x86_64.rpm

    Preparing...                ########################################### [100%]

    Shutting down SecurityCenter services: [  OK  ]

    Backing up previous application files ... complete.

       1:SecurityCenter         ########################################### [100%]

     

    Applying database updates ... complete.

    Beginning data migration.

    Starting plugins database migration...complete.

    (1 of 4) Converting Repository 1 ...  complete.

    (2 of 4) Converting Repository 2 ...  complete.

    (3 of 4) Converting Repository 3 ...  complete.

    (4 of 4) Converting Repository 4 ...  complete.

    Migration complete.

    Starting SecurityCenter services: [  OK  ]

    ~]#

If custom Apache SSL certificates are in use prior to the upgrade, the SecurityCenter backs the certificates up as part of the upgrade process. SecurityCenter copies the existing custom SSL certificates to the Apache configuration backup directory that the upgrade process creates in the /tmp/[version].apache.conf-######## directory. The exact name of the directory varies, but the system displays the name during the upgrade process, as well as reports it in the /opt/sc/admin/log/install.log file.

To restore custom SSL certificates after upgrade:

  1. Type the following command:

    # cp /tmp/[version].apache.conf-########/SecurityCenter.cert /opt/sc/support/conf/SecurityCenter.crt
  2. Select yes to overwrite the existing file.

  3. Type the following command:

    # cp /tmp/[version].apache.conf-########/SecurityCenter.pem /opt/sc/support/conf/SecurityCenter.key
  4. Select yes to overwrite the existing file).

    Caution: Ensure that the newly copied files have permissions of 0640 and ownership of tns:tns.

  5. Modify the servername parameter in /opt/sc/support/conf/servername to match the Common Name (CN) of the SSL certificate.

    Tip: To obtain the CN, run the following command and note the CN= portion of the result.

    # /opt/sc/support/bin/openssl verify /opt/sc/support/conf/SecurityCenter.crt
  6. Restart the Apache server with one of the following commands:

    # /opt/sc/support/bin/apachectl restart

    -or-

    # service SecurityCenter restart

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.