Hi,
I want to install openvas7 on ubuntu 14.04 and followed the following
steps at
http://www.mockel.se/index.php/2014/02/openvas-7-beta-on-ubuntu-14-04-lts-beta/
but when I checked my setup, it show following error message:
Use the parameter --server to skip checks for client tools
like GSD and OpenVAS-CLI.
Step 1: Checking OpenVAS Scanner ...
ERROR: Old version of OpenVAS Scanner detected.
FIX: Please remove the installation of the old OpenVAS Scanner
(openvasd).
ERROR: Your OpenVAS-7 installation is not yet complete!
What I need to do at this stage.
Thanks and Regards,
Arun
On 05/12/2014 06:39 PM, Reindl Harald wrote:
they expire after a year, faced this a few months ago
i modified the scripts to generate certificates valid for 10 years
Am 12.05.2014 18:31, schrieb Russell Jones:
I believe I got it figured out - it was the "om" user's certificate that needed
to be updated. I had misinterpreted
and believed it was a certificate for our own user we login to GSAD with that
needed to be fixed.
After re-running openvas-mkcert-client -n om -i, then restarting all of the
openvas services, the daemons are
communicated with each other again and scans are running.
Thanks for the help!
On 5/12/2014 11:06 AM, Hani Benhabiles wrote:
Hi Russell,
On 2014-05-12 17:14, Russell Jones wrote:
Hi all,
We came in this morning to an OpenVAS installation that stopped all
scans at 1%. The openvassd.log file revealed:
[Sun May 11 06:00:12 2014][19746] [19746] failed to verify the peer
certificate:
[Sun May 11 06:00:12 2014][19746] [19746] The certificate has expired
[Sun May 11 06:00:12 2014][19746] [19746] The certificate is invalid
[Mon May 12 14:24:40 2014][20543] [20543] failed to verify the peer
certificate:
[Mon May 12 14:24:40 2014][20543] [20543] The certificate has expired
[Mon May 12 14:24:40 2014][20543] [20543] The certificate is invalid
[Mon May 12 14:24:40 2014][20545] [20545] failed to verify the peer
certificate:
[Mon May 12 14:24:40 2014][20545] [20545] The certificate has expired
[Mon May 12 14:24:40 2014][20545] [20545] The certificate is invalid
I have regenerated certificates via both openvas-mkcert and
openvas-mkcert-client. I manually installed the client certificates as
requested by the script. Unfortunately that has not corrected the
issue. I can login to GSAD as the admin user, and click "start" on a
task. However after doing that it immediately shows the error:
An internal error occurred while getting the filter list. The
current list of filters is not available. Diagnostics: Failure to
receive response from manager daemon.
The manager log shows:
md main:WARNING:2014-05-12 16h09.16 UTC:21624: read_from_server:
failed to read from server: A TLS packet with unexpected length was
received.
md main:WARNING:2014-05-12 16h09.21 UTC:21623: read_from_server:
failed to read from server: A TLS packet with unexpected length was
received.
Issue looks like it is related to the communication between the scanner and the
manager.
Have you restarted _both_ the openvassd and openvasmd processes after
recreating the certs ? Also, re-check that
you used the correct paths when copying the certs manually.
event task:MESSAGE:2014-05-12 16h09.21 UTC:21623: Status of task COM
- Weekly deep scan (d40d6eea-fb8b-44f9-8132-4262c19e3e9f) has changed
to Stopped
Restarting openvasmd reports:
lib auth: INFO:2014-05-12 16h12.06 utc:21660: Authentication
configuration not found.
Any ideas on how to get the setup back to a working state? I've
tried openvasmd --rebuild as well with no success. Not sure what else
it needs to be happy :-)
_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
