Yes, system clock is on correct time. I even tried to copy certificates from a fresh/working installation to an updated/not working one and ran into the same issues. May there be a link to the certificates anywhere, that need to be updated?
08.11.2015----18:06:[email protected] wrote on 08.11.2015 18:06:42: > From: Eero Volotinen <[email protected]>> To: Helmut Koers <HK [email protected]>, > Cc: "[email protected]" <openvas- > discu [email protected]>> Date: 08.11.2015 18:06> Subject: Re: [Openvas-discuss] S ervice temporarily down> Sent by: eer [email protected]> > Is the system clock o n corr ect time? > > --> Eero> > 2015-11-08 20:02 GMT+03:00 Helmut Koers <H [email protected]>:> It loads the certificates exactly from the place I looked at, as you can > see below. > > open("/var/lib/openvas/private/CA/serverkey.pem", O_RDONLY) = 5 > open("/var/lib/openvas/CA/servercert.pem", O_RDONLY) = 5 > open("/var/lib/openvas/CA/cacert.pem", O_RDONLY) = 5 > > I did a clean installation of Debian Jessie and OpenVAS8 using latest > install media, and am having the same issues after renewing certificates > as mentioned before. > > > 06.11.2015----16:53:[email protected] wrote on 06.11.2015 > 16:53:54: > > > From: Eero Volotinen > <[email protected]>> To: Helmut Koers <HK > [email protected]>, > Cc: openvas-disc > [email protected]> > Date: 06.11.2015 16:53> Subject: Re: [Openvas-discuss] S > ervice temporarily down> Sent by: eer > o [email protected]>> > Well, you could start openvasmd under strace like this strace -f -e > > open openvasmd and look wher > e it open certificates.> Maybe you are l > ooking > in wrong place..> Eero> 6.11.2015 3.51 ip. "Helmut Koers" <[email protected] > ellmann.net> kirjoitti:> Yes, I have tried both, deleting client, server > and ca certs as well as > > cert and keys (.../var/lib/openvas/CA/ und > > .../var/lib/openvas/private/CA/), which then have been newly created. > I've > > tried it several time, but here was not difference, I am am still seeing > > the error message and am not able to execute a scan. > > > > > > 06.11.2015----13:29:[email protected] wrote on 06.11.2015 > > 13:29:56: > > > > > From: Eero Volotinen > > <[email protected]>> To: Helmut Koers <HK > > [email protected]>, > Cc: openvas-disc > > [email protected]> > > Date: 06.11.2015 13:30> Subject: Re: [Openvas-discuss] S > > ervice temporarily down> Sent by: eer > > [email protected]> > > > Well, did you really deleted server ca > > , cert > > and client cert?> Eero> 6.11.2015 12.57 ip. "Helmut Koers" <[email protected] > > ellmann.net> kirjoitti:> Unfortunately, that did not solve the issue, > same > > error in GSAD than > > > before. > > > > > > Not sure if I got the right error message in openvasmd.log before, now > I > > > see the following: > > > > > > lib serv:WARNING:2015-11-06 11h51.21 CET:7977: openvas_server_verify: > > the > > > certificate is not trusted > > > lib serv:WARNING:2015-11-06 11h51.21 CET:7977: openvas_server_verify: > > the > > > certificate hasn't got a known issuer > > > event task:MESSAGE:2015-11-06 11h51.21 CET:7977: Task > > > c0d4970e-cfa7-478f-9988-3dbfc3f11b52 could not be started by ovadmin > > > > > > I repeated the actions I have been received, but no change. > > > > > > > > > 06.11.2015----10:59:[email protected] wrote on 06.11.2015 > > > 10:59:20: > > > > > > > From: Eero Volotinen > > > <[email protected]>> To: Helmut Koers <HK > > > [email protected]>, > Cc: openvas-disc > > > [email protected]> > > > Date: 06.11.2015 10:59> Subject: Re: [Openvas-discuss] S > > > ervice temporarily down> Sent by: eer > > > [email protected]> > > > > Try to delete old ca and certs and then regener > > > ate & > > > restart services.> Eero> 6.11.2015 10.44 ap. "Helmut Koers" > <[email protected] > > > ellmann.net> kirjoitti:> Hi all, > > > > after renewing OpenVAS certificates as requested: > > > > > > > > openvas-mkcert -f -q > > > > openvas-mkcert-client -n -i > > > > > > > > and reooting the entire system, I can't run a scan anymore getting > an > > > > error message in GSAD saying: > > > > > > > > Operation: Start Task > > > > Status code: 503 > > > > Status message: Service temporarily down > > > > > > > > The openvasmd.log shows the following: > > > > > > > > lib serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shake hands > > > with > > > > peer: The TLS connection was non-properly terminated. > > > > lib serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shutdown > > server > > > > socket > > > > event task:MESSAGE:2015-11-06 09h36.44 CET:966: Task > > > > 2e6cc5ec-27e3-4f29-8e53-8b2e6af6c81d could not be started by admin > > > > > > > > I am running OpenVAS 8 on Debian Jessie. > > > > > > > > Any advice is appreciated. > > > > _______________________________________________ > > > > Openvas-discuss mailing list > > > > [email protected] > > > > > > > > > > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
