David,

Gsad not being able to bind to a port is a whole other problem than the one you 
described earlier with the certificates.
Options:

- Stop Apache
- Do not bind Apache to port 80
- Make gsad bind to another port than 80 (or others which are already in use)

You can tell gsad where and how to bind, for example:

gsad -p 443 --listen=0.0.0.0 --mlisten=127.0.0.1 --mport=9390 \
  --ssl-private-key=/etc/ssl/priv.key --ssl-certificate=/etc/ssl/cert.crt \
  --http-sts \
  --gnutls-priorities="NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:-CIPHER-ALL:+AES-256-CBC"

This makes it listen on port 443 using the -p option.
See --help for all the possible arguments.


Thijs Stuurman
Security Operations Center | KPN Internedservices B.V.
thijs.stuur...@internedservices.nl | thijs.stuur...@kpn.com
T: +31(0)299476185 | M: +31(0)624366778
PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/)
Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048

W: https://www.internedservices.nl | L: http://nl.linkedin.com/in/thijsstuurman

-----Original message-----
From: David Rericha [mailto:d.reri...@healthcareoss.com] 
Sent: Tuesday, 17 October 2017 15:32
To: Thijs Stuurman <thijs.stuur...@internedservices.nl>; 
openvas-discuss@wald.intevation.org
Subject: Re: [Openvas-discuss] Start Task: 503 - Service temporarily down

Thanks, Thijs, for your suggestion. I thought I did run this command but reran it 
just to make sure. However the same behavior exists. The only relevant 
information I found in the logs was in gsad.log.
gsad tries to bind to port 80 but that port is being used by apache. 
Here is the entire log:

gsad main:  DEBUG:2017-10-17 13h25.13 utc:29285: main: gettext translation extensions are enabled (using locale "en_US.UTF-8").
gsad main:WARNING:2017-10-17 13h25.13 utc:29287: MHD: Failed to bind to port 80: Address already in use
gsad main:WARNING:2017-10-17 13h25.13 utc:29287: main: start_http_daemon redirect failed !
gsad main:WARNING:2017-10-17 13h25.56 utc:29286: MHD: Failed to receive data: A TLS fatal alert has been received.
gsad main:WARNING:2017-10-17 13h25.56 utc:29286: MHD: Error: received handshake message out of context

Any ideas?

On 10/16/2017 10:04 AM, Thijs Stuurman wrote:
> *It got renamed, sorry; search for openvas-manage-certs:
>
> """
> :/opt/openvas/bin# ./openvas-manage-certs --help
> Illegal option --
> Usage:
>    ./openvas-manage-certs [OPTION] - Manage certificate infrastructure for an OpenVAS installation
>
> Options:
>    -h             Print help
>    -a             Automatically set up default infrastructure for OpenVAS
> """
>
> Just running it with -a should do the trick.
>
>
> Thijs Stuurman
> Security Operations Center | KPN Internedservices B.V.
> thijs.stuur...@internedservices.nl | thijs.stuur...@kpn.com
> T: +31(0)299476185 | M: +31(0)624366778 PGP Key-ID: 0x16ADC048 
> (https://pgp.surfnet.nl/)
> Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048
>
> W: https://www.internedservices.nl | L: 
> http://nl.linkedin.com/in/thijsstuurman
>
>
> -----Original message-----
> From: Openvas-discuss 
> [mailto:openvas-discuss-boun...@wald.intevation.org] On behalf of Thijs 
> Stuurman
> Sent: Monday, 16 October 2017 17:03
> To: David Rericha <d.reri...@healthcareoss.com>; 
> openvas-discuss@wald.intevation.org
> Subject: Re: [Openvas-discuss] Start Task: 503 - Service temporarily 
> down
>
> David,
>
> Did you run "openvas-mkcert" during your OpenVAS installation to set up and 
> configure the certificates for the TLS communication between the services?
>
>
> Thijs Stuurman
> Security Operations Center | KPN Internedservices B.V.
> thijs.stuur...@internedservices.nl | thijs.stuur...@kpn.com
> T: +31(0)299476185 | M: +31(0)624366778 PGP Key-ID: 0x16ADC048 
> (https://pgp.surfnet.nl/)
> Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048
>
> W: https://www.internedservices.nl | L: 
> http://nl.linkedin.com/in/thijsstuurman
>
>
> -----Original message-----
> From: Openvas-discuss 
> [mailto:openvas-discuss-boun...@wald.intevation.org] On behalf of David 
> Rericha
> Sent: Monday, 16 October 2017 16:53
> To: openvas-discuss@wald.intevation.org
> Subject: [Openvas-discuss] Start Task: 503 - Service temporarily 
> down
>
> Hello. I am running greenbone version 9. I logged in at 
> https://localhost:9392, created a new task and tried to run it and got the 
> following:
>
> Operation: Start Task
> Status code: 503
> Status message: Service temporarily down
>
> openvasmd.log reads:
>
> lib serv:WARNING:2017-10-16 14h37.22 UTC:714: Failed to shake hands with peer: The TLS connection was non-properly terminated.
> lib serv:WARNING:2017-10-16 14h37.22 UTC:714: Failed to shutdown server socket
> event task:MESSAGE:2017-10-16 14h37.22 UTC:714: Task Penetration Task (6d5e4c84-1ff1-4115-b2aa-7cf3f7bf6d75) could not be started by admin
>
> Any help would be appreciated. Thanks,
>
> --
> David J. Rericha
> Project Manager
> Open Software Solutions, LLC
>
> _______________________________________________
> Openvas-discuss mailing list
> Openvas-discuss@wald.intevation.org
> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
>
>
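
Added example, not part of the original thread or of OpenVAS: a small shell triage of gsad.log that separates the port-bind failure from the TLS handshake warnings, the two problems the reply above tells apart. The sample log is constructed from the lines quoted in the thread, and the function assumes one log entry per line; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: triage gsad.log WARNING lines into separate findings.
# Assumes one log entry per line (mail clients may re-wrap pasted logs).

# triage_gsad_log: read gsad.log on stdin, print one summary line per finding.
triage_gsad_log() {
    awk '
    # MHD could not bind its listener: pull out the port and the OS reason.
    /MHD: Failed to bind to port [0-9]+/ {
        line = $0
        sub(/.*Failed to bind to port /, "", line)  # e.g. "80: Address already in use"
        port = line;   sub(/:.*/, "", port)
        reason = line; sub(/^[0-9]+: */, "", reason)
        bind_reason[port] = reason
        bind_count[port]++
        next
    }
    # The listener that failed was the HTTP redirect daemon.
    /start_http_daemon redirect failed/ { redirect++; next }
    # TLS-level errors are a different problem from the bind failure.
    /TLS fatal alert|handshake message out of context/ { tls++; next }
    END {
        for (p in bind_reason)
            printf "bind_conflict port=%s count=%d reason=\"%s\"\n",
                   p, bind_count[p], bind_reason[p]
        if (redirect) printf "redirect_listener_failed count=%d\n", redirect
        if (tls)      printf "tls_handshake_errors count=%d\n", tls
    }'
}

# Constructed sample input, based on the log lines quoted in the thread.
sample_gsad_log() {
    cat <<'EOF'
gsad main:  DEBUG:2017-10-17 13h25.13 utc:29285: main: gettext translation extensions are enabled (using locale "en_US.UTF-8").
gsad main:WARNING:2017-10-17 13h25.13 utc:29287: MHD: Failed to bind to port 80: Address already in use
gsad main:WARNING:2017-10-17 13h25.13 utc:29287: main: start_http_daemon redirect failed !
gsad main:WARNING:2017-10-17 13h25.56 utc:29286: MHD: Failed to receive data: A TLS fatal alert has been received.
gsad main:WARNING:2017-10-17 13h25.56 utc:29286: MHD: Error: received handshake message out of context
EOF
}

sample_gsad_log | triage_gsad_log
```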
