Am 07.11.2016 um 11:53 schrieb Ralph Schell [Bright]:
I have a calendar reminder to renew openvas client certificates.
i have renewed them for http(d).
do i need to renew them for openvas itself?
if so, how do i go about that?
does this have any effect on gsad? or is that for gsad?
-------- Weitergeleitete Nachricht --------
Betreff: Re: [Openvas-discuss] Service temporarily down - status code 503
Datum: Wed, 2 Nov 2016 16:10:47 +0100
Von: Reindl Harald <[email protected]>
Organisation: the lounge interactive design
An: [email protected]
interesting that one needs also "openvasmd --modify-scanner" and why in
the world are they only valid for 365 days?
"openvas-mkcert -f" asks and you can enter 3650
"openvas-mkcert-client -i -n" don't ask
frankly when you have everything except GSA configured to listen and
connect only on 127.0.0.1 that whole TLS dance is so useless
the website is BTW missing "systemctl stop openvas-gsa.service" at the
begin, otherwise the start-command don't make much sense
__________________________________________
on Fedora that would mean:
systemctl stop openvas-scanner.service openvas-manager.service
openvas-gsa.service
openvas-mkcert -f
openvas-mkcert-client -i -n
openvasmd --get-scanners
openvasmd --modify-scanner "08b69003-5fc2-4037-a479-93b440211c73"
--scanner-ca-pub /etc/pki/openvas/CA/cacert.pem --scanner-key-pub
/etc/pki/openvas/CA/clientcert.pem --scanner-key-priv
/etc/pki/openvas/private/CA/clientkey.pem
openvas-nvt-sync
openvasmd --rebuild
systemctl start openvas-manager
systemctl start openvas-gsa.service
__________________________________________
if the scan still fails it's likely because the scanner did fail to
start and so a "systemctl restart openvas-scanner.service" may help
Operation: Start Task
Status code: 503
Status message: Service temporarily down
? openvas-scanner.service - OpenVAS Scanner
Loaded: loaded (/etc/systemd/system/openvas-scanner.service;
enabled; vendor preset: disabled)
Active: failed (Result: signal) since Mi 2016-11-02 15:53:43 CET;
13min ago
Process: 707 ExecStart=/usr/sbin/openvassd -f $SCANNER_PORT
$SCANNER_LISTEN $SCANNER_SRCIP (code=killed, signal=KILL)
Main PID: 707 (code=killed, signal=KILL)
__________________________________________
Am 02.11.2016 um 09:32 schrieb Christian Fischer:
> Hi,
>
> On 28.10.2016 16:18, Marcin Szatkowski wrote:
>> I was also messing around with certificates so that might be one of
the issues. I went through countless troubleshooting steps and articles.
>
> the certificates are most likely your issue here. Have you also found
> this step-by-step tutorial how to create a fresh certificate setup which
> should solve your issue here:
>
> http://plugins.openvas.org/ova_503.txt
>
>> OpenVAS Scanner 5.0.5
>> OpenVAS Manager 6.0.8
>> Greenbone Security Assistant 6.0.10
>
> You might also want to update these components as they are quite
outdated:
>
> http://openvas.org/install-source.html
_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
