Well, that might be related to Debian or something else. As I don't use Debian as my primary platform, it's a bit complex to say :) Atomic Corp provides working openvas8 rpm-packages and they work fine. Is there really recent debian packages for openvas8 or it is source installation only?
Usually problem might be related to some incorrect library versions. -- Eero 2015-11-09 13:21 GMT+02:00 Helmut Koers <hko...@de.hellmann.net>: > So that seems to be related to Debian? May it have something to do with > the fact that OpenVAS did no find any vulnerabilities in regards to > certificates anymore, without applying any custom load commands? > > > 09.11.2015----09:43:42eero.t.voloti...@gmail.com wrote on 09.11.2015 > 09:43:42: > > > From: Eero Volotinen > <eero.voloti...@iki.fi>> To: Helmut Koers <HK > o...@de.hellmann.net>, > Cc: "openvas-discuss@wald.intevation.org" > <openvas- > > discu > s...@wald.intevation.org>> > Date: 09.11.2015 09:43> Subject: Re: [Openvas-discuss] S > ervice temporarily down> Sent by: eer > o.t.voloti...@gmail.com> > > Well, works fine for me. I am using Centos > 7 and latest OpenVAS8.> > > Maybe you should al > so try > with C > entos 7 :)> > > --> Eero> > > 2015-11-09 9:55 GMT+02:00 Helmut Koers <H > ko...@de.hellmann.net>:> Yes, system clock is on correct time. > > > > I even tried to copy certificates from a fresh/working installation to > an > > updated/not working one and ran into the same issues. May there be a > link > > to the certificates anywhere, that need to be updated? > > > > > > 08.11.2015----18:06:42eero.t.voloti...@gmail.com wrote on 08.11.2015 > > 18:06:42: > > > > > From: Eero Volotinen > > <eero.voloti...@iki.fi>> To: Helmut Koers <HK > > o...@de.hellmann.net>, > Cc: "openvas-discuss@wald.intevation.org" > > <openvas- > > > discu > > s...@wald.intevation.org>> > > Date: 08.11.2015 18:06> Subject: Re: [Openvas-discuss] S > > ervice temporarily down> Sent by: eer > > o.t.voloti...@gmail.com> > > > Is the system clock o > > n corr > > ect time? > > > > > > --> Eero> > > > 2015-11-08 20:02 GMT+03:00 Helmut Koers <H > > ko...@de.hellmann.net>:> It loads the certificates > exactly from the place> I looked at, as you can > > > see below. > > > > > > open("/var/lib/openvas/private/CA/serverkey.pem", O_RDONLY) = 5 > > > open("/var/lib/openvas/CA/servercert.pem", O_RDONLY) = 5 > > > open("/var/lib/openvas/CA/cacert.pem", O_RDONLY) = 5 > > > > > > I did a clean installation of Debian Jessie and OpenVAS8 using latest > > > install media, and am having the same issues after renewing > certificates > > > as mentioned before. > > > > > > > > > 06.11.2015----16:53:54eero.t.voloti...@gmail.com wrote on 06.11.2015 > > > 16:53:54: > > > > > > > From: Eero Volotinen > > > <eero.voloti...@iki.fi>> To: Helmut Koers <HK > > > o...@de.hellmann.net>, > Cc: openvas-disc > > > u...@wald.intevation.org> > > > Date: 06.11.2015 16:53> Subject: Re: [Openvas-discuss] S > > > ervice temporarily down> Sent by: eer > > > o > > .t.voloti...@gmail.com>> > Well, you could start openvasmd under strace > > like this strace -f -e > > > > open openvasmd and look wher > > > e it open certificates.> Maybe you are l > > > ooking > > > in wrong place..> Eero> 6.11.2015 3.51 ip. "Helmut Koers" > <HKoers@de.h > > > ellmann.net> kirjoitti:> Yes, I have tried both, deleting client, > server > > > and ca certs as well as > > > > cert and keys (.../var/lib/openvas/CA/ und > > > > .../var/lib/openvas/private/CA/), which then have been newly > created. > > > I've > > > > tried it several time, but here was not difference, I am am still > > seeing > > > > the error message and am not able to execute a scan. > > > > > > > > > > > > 06.11.2015----13:29:56eero.t.voloti...@gmail.com wrote on 06.11.2015 > > > > 13:29:56: > > > > > > > > > From: Eero Volotinen > > > > <eero.voloti...@iki.fi>> To: Helmut Koers <HK > > > > o...@de.hellmann.net>, > Cc: openvas-disc > > > > u...@wald.intevation.org> > > > > Date: 06.11.2015 13:30> Subject: Re: [Openvas-discuss] S > > > > ervice temporarily down> Sent by: eer > > > > o.t.voloti...@gmail.com> > > > > > Well, did you really deleted server ca > > > > , cert > > > > and client cert?> Eero> 6.11.2015 12.57 ip. "Helmut Koers" > > <HKoers@de.h > > > > ellmann.net> kirjoitti:> Unfortunately, that did not solve the > issue, > > > same > > > > error in GSAD than > > > > > before. > > > > > > > > > > Not sure if I got the right error message in openvasmd.log before, > > now > > > I > > > > > see the following: > > > > > > > > > > lib serv:WARNING:2015-11-06 11h51.21 CET:7977: > > openvas_server_verify: > > > > the > > > > > certificate is not trusted > > > > > lib serv:WARNING:2015-11-06 11h51.21 CET:7977: > > openvas_server_verify: > > > > the > > > > > certificate hasn't got a known issuer > > > > > event task:MESSAGE:2015-11-06 11h51.21 CET:7977: Task > > > > > c0d4970e-cfa7-478f-9988-3dbfc3f11b52 could not be started by > ovadmin > > > > > > > > > > I repeated the actions I have been received, but no change. > > > > > > > > > > > > > > > 06.11.2015----10:59:20eero.t.voloti...@gmail.com wrote on > 06.11.2015 > > > > > 10:59:20: > > > > > > > > > > > From: Eero Volotinen > > > > > <eero.voloti...@iki.fi>> To: Helmut Koers <HK > > > > > o...@de.hellmann.net>, > Cc: openvas-disc > > > > > u...@wald.intevation.org> > > > > > Date: 06.11.2015 10:59> Subject: Re: [Openvas-discuss] S > > > > > ervice temporarily down> Sent by: eer > > > > > o.t.voloti...@gmail.com> > > > > > > Try to delete old ca and certs and then regener > > > > > ate & > > > > > restart services.> Eero> 6.11.2015 10.44 ap. "Helmut Koers" > > > <HKoers@de.h > > > > > ellmann.net> kirjoitti:> Hi all, > > > > > > after renewing OpenVAS certificates as requested: > > > > > > > > > > > > openvas-mkcert -f -q > > > > > > openvas-mkcert-client -n -i > > > > > > > > > > > > and reooting the entire system, I can't run a scan anymore > getting > > > an > > > > > > error message in GSAD saying: > > > > > > > > > > > > Operation: Start Task > > > > > > Status code: 503 > > > > > > Status message: Service temporarily down > > > > > > > > > > > > The openvasmd.log shows the following: > > > > > > > > > > > > lib serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to shake > > hands > > > > > with > > > > > > peer: The TLS connection was non-properly terminated. > > > > > > lib serv:WARNING:2015-11-06 09h36.44 CET:966: Failed to > shutdown > > > > server > > > > > > socket > > > > > > event task:MESSAGE:2015-11-06 09h36.44 CET:966: Task > > > > > > 2e6cc5ec-27e3-4f29-8e53-8b2e6af6c81d could not be started by > admin > > > > > > > > > > > > I am running OpenVAS 8 on Debian Jessie. > > > > > > > > > > > > Any advice is appreciated. > > > > > > _______________________________________________ > > > > > > Openvas-discuss mailing list > > > > > > Openvas-discuss@wald.intevation.org > > > > > > > > > > > > > > > > > > > > > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss >
_______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss