Re: [Openvas-discuss] Scanner Master Slave setup

Fri, 23 Feb 2018 04:19:01 -0800 

According to the doc it says to use: 
${CMAKE_INSTALL_PREFIX}"/var/lib/openvas/CA/servercert.pem.
On CentOS 7 that turns out to be: /var/lib/openvas/CA/servercert.pem according 
to openvas-manage-certs -V
[root@pci-sec02 ~]# openvas-manage-certs -V
OK: Directory for keys (/var/lib/openvas/private/CA) exists.
OK: Directory for certificates (/var/lib/openvas/CA) exists.
OK: CA key found in /var/lib/openvas/private/CA/cakey.pem
OK: CA certificate found in /var/lib/openvas/CA/cacert.pem
OK: CA certificate verified.
OK: Certificate /var/lib/openvas/CA/servercert.pem verified.
OK: Certificate /var/lib/openvas/CA/clientcert.pem verified.

Is it not the servercert.pem from the slave openvas host that I am supposed to 
use?

Louis
:::::
Louis Bohm - Sr. Systems Engineer
        Dell TechDirect Certified

> On Feb 23, 2018, at 5:09 AM, Thijs Stuurman 
> <thijs.stuur...@internedservices.nl> wrote:
> 
> My best guess is that you didn’t load in the right CA certificate from your 
> slave at step:
>  
> CA Certificate: The certificate you gathered from the slave
>  
> Thijs Stuurman
> Security Operations Center | KPN Internedservices B.V.
> thijs.stuur...@internedservices.nl 
> <mailto:thijs.stuur...@internedservices.nl> | thijs.stuur...@kpn.com 
> <mailto:thijs.stuur...@kpn.com>
> T: +31(0)299476185 | M: +31(0)624366778
> PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/ <https://pgp.surfnet.nl/>)
> Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048
>  
> W: https://www.internedservices.nl <https://www.internedservices.nl/> | L: 
> https://nl.linkedin.com/in/thijsstuurman 
> <https://nl.linkedin.com/in/thijsstuurman>
>  
> Van: Openvas-discuss [mailto:openvas-discuss-boun...@wald.intevation.org] 
> Namens Louis Bohm
> Verzonden: donderdag 22 februari 2018 19:11
> Aan: openvas-discuss@wald.intevation.org
> Onderwerp: [Openvas-discuss] Scanner Master Slave setup
>  
> I followed the following doc 
> https://blog.haardiek.org/setup-openvas-as-master-and-slave.html 
> <https://blog.haardiek.org/setup-openvas-as-master-and-slave.html> to set up 
> the master slave environment with the exception that I am doing this on 
> CentOS 7 with OpenVAS9.
>  
> On the master I am getting this:
> lib  serv:  DEBUG:2018-02-22 17h59.10 UTC:22888:    Connected to server 
> ‘op4us1opsscan01.domain.net <http://op4us1opsscan01.domain.net/>' port 9393.
> lib  serv:  DEBUG:2018-02-22 17h59.10 UTC:22888:    Shook hands with server 
> 'op4us1opsscan01.domain.net <http://op4us1opsscan01.domain.net/>' port 9393.
> lib  serv:WARNING:2018-02-22 17h59.10 UTC:22888: openvas_server_verify: the 
> certificate is not trusted
> lib  serv:WARNING:2018-02-22 17h59.10 UTC:22888: openvas_server_verify: the 
> certificate hasn't got a known issuer
>  
> On the client I am getting this:
> lib  serv:  DEBUG:2018-02-22 18h05.53 utc:20431:    Shook hands with peer.
> md   main:  DEBUG:2018-02-22 18h05.53 utc:20431:    Serving OMP.
>  
> But in the GUI all I see is Status: Requested and it never changes.
>  
> Any idea why this is not working?
>  
> Louis
> :::::
> Louis Bohm - Sr. Systems Engineer
>             Dell TechDirect Certified 


_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss

Reply via email to