Re: NessusWX: Server =?windows-1252?Q?doesn=92t_have_valid_?= =?windows-1252?Q?X=2E509_certificate?=

[Max]

You need to import the certificates created by nessus into nessusWX. Look under the file menu and get the files from nessus-mkcert-client Have a look at the FAQ for more details >> http://www.nessus.org/doc/faq.html#Q.CYPHER.CERT2WX -- Max Terje Tollisen wrote: <Warning: newbie alert> I’ve looked through the archive, but did not find an answer to my problem. I have installed nessus on a Linux (SuSE) box, and I’m trying to connect to it with NessusWX. I keep getting this error every time I connect: “Server doesn’t have valid X.509 certificate” I’m not sure if this is supposed to be the server as in the box where nessud is running, or the certificate for the nessusd itself. I can connect to the box using ssh, so there is defenetly a certificate on the box (I’m using Putty and WinSCP successfully). I might have messed something up after installation, so here’s what I did. *Finished the installation, seemingly successful. *Didn’t think about the nessus-mkcert, so I didn’t do that yet. *Added a user, “user1”, and set it to be local (will never be used since I have on graphical user interface to the box, so I should have dropped this). *Added a user, ”user1remote” to connect from anywhere and with no rules (not even default accep). *Ran nessus-mkcert *Start up nessusd using “nessusd –p 995 –D”. Port 995 is chosen because it is open through the F/W and allows ssl (I hope). *Fire up NessusWX, and try connecting on port 995. *I get the same error no matter which protocol I use. “Server doesn’t have valid X.509 certificate” *If I kill the nessusd I get a different message: “Cannot establish connection with the server”. This makes me believe the problem is with the nessus certificate. I was no intending to use a client certificate (at least not until it works with just passwords), so I haven’t done that yet. My config (/usr/local/etc/nessus/nessusd.conf) file looks like this (I haven’t touched it yet): ---------------------- # # Added by nessus-mkcert # cert_file=/usr/local/com/nessus/CA/servercert.pem key_file=/usr/local/var/nessus/CA/serverkey.pem ca_file=/usr/local/com/nessus/CA/cacert.pem # If you decide to protect your private key with a password, # uncomment and change next line # pem_password=password # If you want to force the use of a client certificate, uncomment next line # force_pubkey_auth = yes -------------------------------- All three certificate files exists in the correct locations. Can anyone help me out? Terry -