On 09/11/07 03:39, Patrice Arnal wrote: > By the way, is it possible to use our company generated certificates > instead of the Nessus provided certificates?
Certainly. I assume you're familiar with using certificates with Nessus in general. First, you'll need private keys / certificates signed by your company's CA for the Nessus servers themselves as well as for any users doing certificate-based authentication. Second, replace the keys / certificates generated by Nessus and update the configuration files for the servers and any clients as necessary to point to the new files. Don't forget to point each to your company's certificate authority! Third, if you're using certificate-based authentication, you'll need to update the 'dname' file for each user in the Nessus servers' users databases (eg, /opt/nessus/var/nessus/users/*/auth/dname) with the correct subjects from the new user certs. Finally, make sure the users are aware you've done this; otherwise you'll (hopefully :-) get support calls when they connect with a Nessus client and are told a server's certificate has changed. George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
