Trust a Custom CA
Required User Role: tns user
You can configure Tenable Security Center to trust a custom CA for certificate authentication or other uses.
To configure Tenable Security Center to trust a custom CA:
-
Log in to Tenable Security Center via the user interface.
-
Copy the required PEM-encoded CA certificate (and intermediate CA certificate, if needed) to the Tenable Security Center server’s
/tmp
directory. In this example, the file is namedROOTCA2.cer
.Note: If you upload multiple certificates, you must upload each certificate individually in PEM format.
-
Run the
installCA.php
script to create the required files for each CA in/opt/sc/data/CA
:# /opt/sc/support/bin/php /opt/sc/src/tools/installCA.php /tmp/ROOTCA2.cer
Tenable Security Center processes all the CAs in the file.
-
Restart Tenable Security Center, as described in Start, Stop, or Restart Tenable Security Center.