On Mon, 30 Dec 2002 [EMAIL PROTECTED] wrote:
> Hi. I recently installed nessus, and got nessusd to run without
> problems, but my attempts to log in to nessus fail with an "SSL
> error":
>
> # nessus
> SSL_CTX_load_verify_locations[18486]: error:06065064:digital envelope
> routines:EVP_DecryptFinal:bad decrypt
^^^^^^^^^^^ here's where problem starts
> My ~/.nessusrc file is:
>
> cert_file=/root/ssl/clientcert.pem
> key_file=/root/ssl/clientkey.pem
> ssl_version=SSLv3
> trusted_ca=/usr/local/openssl/private/cacert.pem
> nessusd_host=localhost
> nessusd_user=root
> paranoia_level=3
>
> ...and the relevant portion of nessusd.conf is:
>
> admin_user = root
> cert_file=/usr/local/com/nessus/CA/servercert.pem
> key_file=/usr/local/var/nessus/CA/serverkey.pem
> ca_file=/usr/local/openssl/private/cacert.pem
> ssl_version=SSLv3
> pem_password=...
> force_pubkey_auth = yes
Looks like a problem with the passphrase with your server's private key.
Are you sure you specified it properly in setting pem_password in
nessusd.conf? What happens if you run " openssl s_client -connect
localhost:1241 -ssl3 -cert /root/ssl/clientcert.pem -CAfile
/usr/local/openssl/private/cacert.pem" from a commandline to connect to
nessusd directly?
George
--
[EMAIL PROTECTED]
-
[EMAIL PROTECTED]: general discussions about Nessus.
* To unsubscribe, send a mail to [EMAIL PROTECTED] with
"unsubscribe nessus" in the body.
