Upload a Custom Server Certificate

If you do not want to use the Tenable-provided server certificate, you can upload a custom server certificate to Tenable Core. For more information, see Manage the Server Certificate.

You cannot upload multiple custom server certificates to Tenable Core. Uploading a new file replaces the existing file.

Tip: By default, Tenable Core uses the same certificates for Tenable Core as well as Tenable Security Center. To use a different server certificate for your application, see Use Different Certificates for Tenable Core and Your Application.

Before you begin:

• Confirm your custom server certificate and key files use the *.der, *.pem, or *.crt extension.
• Move the custom server certificate and key files to a location accessible from your browser.

To upload a custom server certificate for Tenable Core:

1. Log in to Tenable Core via the user interface, as described in Log In to Tenable Core.

   The Tenable Core web user interface page appears.

2. In the left navigation pane, click SSL/TLS Certificates.

   The SSL/TLS Certificates page appears.

3. Click the System Certificate tab.

4. Locate the Update Certificate section in the SERVER CERTIFICATES section.

   

5. Provide your Server Certificate.

   1. Click Choose File.

      The upload window appears.

   2. Browse to and select the file.

      Tenable Core loads the file.

6. Provide your Server Key.

   1. Click Choose File.

      The upload window appears.

   2. Browse to and select the file.

      Tenable Core loads the file.

7. (Optional) If your custom server certificate is signed by a custom CA that requires an intermediate certificate to validate the custom server certificate, provide your Intermediate Certificate.

   1. Click Choose File.

      The upload window appears.

   2. Browse to and select the file.

      Tenable Core loads the file.

8. (Optional) If your custom server certificate is signed by a custom CA, upload your Custom Root CA Certificate.

   1. Click Choose File.

      The upload window appears.

   2. Browse to and select the file.

      Tenable Core loads the file.

9. Click Install Server Certificates.

   Tenable Core uploads the files. A success message appears to confirm the upload succeeded.

10. In the left navigation pane, click Services.

    The Services page appears.

11. Restart the Cockpit service, as described in Manage Services.

    The Cockpit service restarts and enables the new certificate.

12. Restart any applications the certificate is synced to.

    Note: If you do not restart your Tenable Core applications (for example, Security Center or Tenable Nessus) the new certificate may not be present.