Re: [Openvas-discuss] openvas gnutls bug again?

Reindl Harald Tue, 13 Nov 2012 03:32:09 -0800


Am 13.11.2012 12:13, schrieb Michael Meyer:
> *** Reindl Harald wrote:
> 
>> lib  serv:WARNING:2012-11-12 20h24.14 UTC:14752: openvas_server_connect: 
>> failed to shake hands with server: Error in the push function.
> 
> Hmm...last idea: Maybe some kind of certificate issue. 
> 
> Micha


unlikely

any certificate/key is a symlink to the same PEM file
which works because other way https-connection to
GSA would fail too, however i think it would make
sense to skip TLS/SSL for connections on 127.0.0.1
completly and only make the webinterface with https

[root@openvas:/var/log/openvas]$ ps aux | grep gsad
root     30806  0.0  0.2 391356  2824 ?        Sl   12:27   0:00 /usr/sbin/gsad 
--port=443
--ssl-private-key=/etc/openvas/openvas.thelounge.net.pem 
--ssl-certificate=/etc/openvas/openvas.thelounge.net.pem
--alisten=127.0.0.1 --aport=9393 --mlisten=127.0.0.1 --mport=9390 --timeout=180

[root@openvas:/var/log/openvas]$ ls /etc/pki/openvas/CA/
insgesamt 0
lrwxrwxrwx 1 root root 38 2012-11-12 16:28 cacert.pem -> 
/etc/openvas/openvas.thelounge.net.pem
lrwxrwxrwx 1 root root 38 2012-11-12 16:28 clientcert.pem -> 
/etc/openvas/openvas.thelounge.net.pem
lrwxrwxrwx 1 root root 38 2012-11-12 16:28 clientkey.pem -> 
/etc/openvas/openvas.thelounge.net.pem
lrwxrwxrwx 1 root root 38 2012-11-12 16:28 servercert.pem -> 
/etc/openvas/openvas.thelounge.net.pem
lrwxrwxrwx 1 root root 38 2012-11-12 16:28 serverkey.pem -> 
/etc/openvas/openvas.thelounge.net.pem

[root@openvas:/var/log/openvas]$ ls /var/lib/openvas/CA/
insgesamt 0
lrwxrwxrwx 1 root root 38 2011-12-18 19:45 cacert.pem -> 
/etc/openvas/openvas.thelounge.net.pem
lrwxrwxrwx 1 root root 38 2012-11-12 16:21 clientcert.pem -> 
/etc/openvas/openvas.thelounge.net.pem
lrwxrwxrwx 1 root root 38 2012-11-12 16:23 clientkey.pem -> 
/etc/openvas/openvas.thelounge.net.pem
lrwxrwxrwx 1 root root 38 2011-12-18 19:45 servercert.pem -> 
/etc/openvas/openvas.thelounge.net.pem
lrwxrwxrwx 1 root root 38 2012-11-12 16:24 serverkey.pem -> 
/etc/openvas/openvas.thelounge.net.pem

[root@openvas:/var/log/openvas]$ ls /var/lib/openvas/private/CA/
insgesamt 0
lrwxrwxrwx 1 root root 38 2012-11-13 12:25 cacert.pem -> 
/etc/openvas/openvas.thelounge.net.pem
lrwxrwxrwx 1 root root 38 2012-11-13 12:25 clientcert.pem -> 
/etc/openvas/openvas.thelounge.net.pem
lrwxrwxrwx 1 root root 38 2012-11-13 12:26 clientkey.pem -> 
/etc/openvas/openvas.thelounge.net.pem
lrwxrwxrwx 1 root root 38 2012-11-13 12:26 servercert.pem -> 
/etc/openvas/openvas.thelounge.net.pem
lrwxrwxrwx 1 root root 38 2012-11-13 12:26 serverkey.pem -> 
/etc/openvas/openvas.thelounge.net.pem

signature.asc
Description: OpenPGP digital signature

_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Re: [Openvas-discuss] openvas gnutls bug again?

Reply via email to