Hello,
I am trying to get GSAD to use a new key and the certificate signed by my CA. I
did this once and it worked but now I get a lot of errors in openvasmd.log like:
md manage:WARNING:2017-07-11 07h01.51 utc:1344: manage_schedule: omp_start_task
and omp_resume_task failed
md manage:WARNING:2017-07-11 07h01.51 utc:1340: manage_schedule: omp_start_task
and omp_resume_task failed
lib serv:WARNING:2017-07-11 09h01.51 CEST:1342: Failed to gnutls_bye: Error
in the push function.
lib serv:WARNING:2017-07-11 09h01.51 CEST:1345: Failed to gnutls_bye: Error
in the push function.
md manage:WARNING:2017-07-11 07h01.51 utc:1337: manage_schedule: child failed
md manage:WARNING:2017-07-11 07h01.51 utc:1339: manage_schedule: child failed
I just switch out the files /usr/local/var/lib/openvas/CA/servercert.pem and
/usr/local/var/lib/openvas/private/CA/serverkey.pem. When I open GSA in my
Browser the Certificate looks fine, but my Manager just freaks out about it.
Any help is appreciated. Greetings,
Niklas Klein
Linux-Version:
Linux lx-openvas 3.16.0-4-amd64 #1 SMP Debian 3.16.39-1+deb8u1 (2017-02-22)
x86_64 GNU/Linux
openvas-check-setup output:
Step 1: Checking OpenVAS Scanner ...
OK: OpenVAS Scanner is present in version 5.0.8.
OK: OpenVAS Scanner CA Certificate is present as
/usr/local/var/lib/openvas/CA/cacert.pem.
OK: redis-server is present in version v=2.8.17.
OK: scanner (kb_location setting) is configured properly using the
redis-server socket: /tmp/redis.sock
OK: redis-server is running and listening on socket:
/tmp/redis.sock.
OK: redis-server configuration is OK and redis-server is running.
OK: NVT collection in /usr/local/var/lib/openvas/plugins contains
53952 NVTs.
OK: Signature checking of NVTs is enabled in OpenVAS Scanner.
OK: The NVT cache in /usr/local/var/cache/openvas contains 54519
files for 53952 NVTs.
Step 2: Checking OpenVAS Manager ...
OK: OpenVAS Manager is present in version 6.0.10.
OK: OpenVAS Manager client certificate is present as
/usr/local/var/lib/openvas/CA/clientcert.pem.
OK: OpenVAS Manager database found in
/usr/local/var/lib/openvas/mgr/tasks.db.
OK: Access rights for the OpenVAS Manager database are correct.
OK: sqlite3 found, extended checks of the OpenVAS Manager
installation enabled.
OK: OpenVAS Manager database is at revision 146.
OK: OpenVAS Manager expects database at revision 146.
OK: Database schema is up to date.
OK: OpenVAS Manager database contains information about 53952 NVTs.
OK: At least one user exists.
OK: OpenVAS SCAP database found in
/usr/local/var/lib/openvas/scap-data/scap.db.
OK: OpenVAS CERT database found in
/usr/local/var/lib/openvas/cert-data/cert.db.
OK: xsltproc found.
Step 3: Checking user configuration ...
WARNING: Your password policy is empty.
SUGGEST: Edit the /usr/local/etc/openvas/pwpolicy.conf file to set
a password policy.
Step 4: Checking Greenbone Security Assistant (GSA) ...
OK: Greenbone Security Assistant is present in version 6.0.12.
Step 5: Checking OpenVAS CLI ...
OK: OpenVAS CLI version 1.4.5.
Step 6: Checking Greenbone Security Desktop (GSD) ...
SKIP: Skipping check for Greenbone Security Desktop.
Step 7: Checking if OpenVAS services are up and running ...
OK: netstat found, extended checks of the OpenVAS services enabled.
OK: OpenVAS Scanner is running and listening on all interfaces.
OK: OpenVAS Scanner is listening on port 9391, which is the default
port.
OK: OpenVAS Manager is running and listening on all interfaces.
OK: OpenVAS Manager is listening on port 9390, which is the default
port.
OK: Greenbone Security Assistant is running and listening on all
interfaces.
WARNING: Greenbone Security Assistant is listening on port 8080,
which is NOT the default port! (This is fine! NK)
SUGGEST: Ensure Greenbone Security Assistant is listening on one of
the following ports: 80, 443, 9392.
Step 8: Checking nmap installation ...
WARNING: Your version of nmap is not fully supported: 6.47
SUGGEST: You should install nmap 5.51 if you plan to use the nmap
NSE NVTs.
Step 10: Checking presence of optional tools ...
OK: pdflatex found.
OK: PDF generation successful. The PDF report format is likely to
work.
OK: ssh-keygen found, LSC credential generation for GNU/Linux
targets is likely to work.
OK: rpm found, LSC credential package generation for RPM based
targets is likely to work.
OK: alien found, LSC credential package generation for DEB based
targets is likely to work.
OK: nsis found, LSC credential package generation for Microsoft
Windows targets is likely to work.
_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
