They are! So it is that those cert generation scripts don't change the cert of the scanner... Then how it works for the first time?
Thanks for your help Adam.H On Tue, Dec 15, 2015 at 3:42 PM, Helmut Koers <[email protected]> wrote: > In case you create new certificates, you have to update manager's record > of the certificates used for that scanner? > > https://svn.wald.intevation.org/svn/openvas/trunk/openvas-manager/INSTALL > -> "Updating Scanner Certificates" > > > 15.12.2015----08:04:44"Openvas-discuss" < > [email protected]> wrote on 15.12.2015 08:04:44: > > > From: ad > amhj <[email protected]>> To: Eero Volotinen <e > [email protected]>, > Cc: "[email protected]" > <openvas- > > discu > [email protected]>> > Date: 15.12.2015 08:05> Subject: Re: [Openvas-discuss] Can not start > scanning > in openvas on kali 2.0> Sent by: "Openvas-discuss" <openvas-discuss-bounc > [email protected]>> > > Ok, I've fixed the problem by clean all directories named openvas on > > disk and resintal > > led openvas with apt.. > > But the problem comes back as i re-generated those cer > ts for a long lifetime > > What I did is: > > ------------------------------------ > --- > > openvas-mkcert -f> [follow the prompt to fill in CA/ > server cert infomation]> openvas-mkcert-client -i > > [follow the prompt to fill in > client cert infomation]> [restart manager, scanner > and greenbone service]> ----------------- > ---------------------- > > New generated certs can pass those openssl tests in the openvas- > > setup script, but when it come to a scan, the tls error comes again: > > --------------------------------------- > > lib serv:WARNING:2015-12-15 06h51.51 UTC:25599: Failed to shake > > hands with peer: The TLS connection was non-properly terminated. > > lib serv:WARNING:2015-12-15 06h51.51 UTC:25599: Failed to shutdown > > server socket > > event task:MESSAGE:2015-12-15 06h51.51 UTC:25599: Task 60bd5e91- > > edd2-4757-b0dd-fd173d28eafd could not be started by admin > > ----------------- > ---------------------- > > Did I do something wrong? It seems like that openvas has remembered > > the first certs I generated after a clean install and rejected newer > > ones. What is the correct way t > o replace > these certs? > > Regards,> Adam.H_______________________________________________ > > Openvas-discuss mailing list > > [email protected] > > > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
