Regenerate the Tenable Security Center Server Certificate
Required Tenable Security Center User Role: tns user
Required Tenable Security Center User Role: Root user
Tenable Security Center ships with a default server certificate that is valid for two years. After the certificate expires, you must regenerate the SSL certificate.
To regenerate the Tenable Security Center SSL certificate:
-
Log in to Tenable Security Center via the command line interface (CLI).
-
In the CLI in Tenable Security Center, run the following command to switch to the tns user:
su - tns
-
As the tns user, run the following command:
/opt/sc/support/bin/php /opt/sc/src/tools/installSSLCertificate.php
(Optional) If you want to suppress the self-signed warning or specify a Common Name, include an optional argument.
Argument Description -q Suppresses the warning: This script generates a self-signed SSL certificate, which is not recommended for production. -h <IP|host name> Specifies an IP address or hostname that will be used as the Common Name for the certificate. Tenable Security Center generates a new certificate.
-
Run the following command to exit the tns user:
exit
-
As the root user, run the following command to restart the Tenable Security Center service:
# service SecurityCenter restart
The service restarts and Tenable Security Center applies the new certificate.