Trust a Custom CA

Required Tenable Security Center User Role: tns user

You can configure Tenable Security Center Director to trust a custom CA for certificate authentication or other uses.

To configure Tenable Security Center Director to trust a custom CA:

Log in to Tenable Security Center Director via the user interface.
Copy the required PEM-encoded CA certificate (and intermediate CA certificate, if needed) to the Tenable Security Center Director server’s /tmp directory. In this example, the file is named ROOTCA2.cer.

Note: If you upload multiple certificates, you must upload each certificate individually in PEM format.
Run the installCA.php script to create the required files for each CA in /opt/sc/data/CA:

# /opt/sc/support/bin/php /opt/sc/src/tools/installCA.php /tmp/ROOTCA2.cer

Tenable Security Center Director processes all the CAs in the file.
Restart Tenable Security Center Director, as described in Start, Stop, or Restart Tenable Security Center Director.