Try the /var/lib/openvas/CA/cacert.pem from your slave. Thijs Stuurman Security Operations Center | KPN Internedservices B.V. thijs.stuur...@internedservices.nl<mailto:thijs.stuur...@internedservices.nl> | thijs.stuur...@kpn.com<mailto:thijs.stuur...@kpn.com> T: +31(0)299476185 | M: +31(0)624366778 PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048
W: https://www.internedservices.nl<https://www.internedservices.nl/> | L: https://nl.linkedin.com/in/thijsstuurman Van: Louis Bohm [mailto:lo...@systemgeek.net] Verzonden: vrijdag 23 februari 2018 13:18 Aan: Thijs Stuurman <thijs.stuur...@internedservices.nl> CC: openvas-discuss@wald.intevation.org Onderwerp: Re: [Openvas-discuss] Scanner Master Slave setup According to the doc it says to use: ${CMAKE_INSTALL_PREFIX}"/var/lib/openvas/CA/servercert.pem. On CentOS 7 that turns out to be: /var/lib/openvas/CA/servercert.pem according to openvas-manage-certs -V [root@pci-sec02 ~]# openvas-manage-certs -V OK: Directory for keys (/var/lib/openvas/private/CA) exists. OK: Directory for certificates (/var/lib/openvas/CA) exists. OK: CA key found in /var/lib/openvas/private/CA/cakey.pem OK: CA certificate found in /var/lib/openvas/CA/cacert.pem OK: CA certificate verified. OK: Certificate /var/lib/openvas/CA/servercert.pem verified. OK: Certificate /var/lib/openvas/CA/clientcert.pem verified. Is it not the servercert.pem from the slave openvas host that I am supposed to use? Louis ::::: Louis Bohm - Sr. Systems Engineer Dell TechDirect Certified On Feb 23, 2018, at 5:09 AM, Thijs Stuurman <thijs.stuur...@internedservices.nl<mailto:thijs.stuur...@internedservices.nl>> wrote: My best guess is that you didn’t load in the right CA certificate from your slave at step: CA Certificate: The certificate you gathered from the slave Thijs Stuurman Security Operations Center | KPN Internedservices B.V. thijs.stuur...@internedservices.nl<mailto:thijs.stuur...@internedservices.nl> | thijs.stuur...@kpn.com<mailto:thijs.stuur...@kpn.com> T: +31(0)299476185 | M: +31(0)624366778 PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 W: https://www.internedservices.nl<https://www.internedservices.nl/> | L: https://nl.linkedin.com/in/thijsstuurman Van: Openvas-discuss [mailto:openvas-discuss-boun...@wald.intevation.org] Namens Louis Bohm Verzonden: donderdag 22 februari 2018 19:11 Aan: openvas-discuss@wald.intevation.org<mailto:openvas-discuss@wald.intevation.org> Onderwerp: [Openvas-discuss] Scanner Master Slave setup I followed the following doc https://blog.haardiek.org/setup-openvas-as-master-and-slave.html to set up the master slave environment with the exception that I am doing this on CentOS 7 with OpenVAS9. On the master I am getting this: lib serv: DEBUG:2018-02-22 17h59.10 UTC:22888: Connected to server ‘op4us1opsscan01.domain.net<http://op4us1opsscan01.domain.net/>' port 9393. lib serv: DEBUG:2018-02-22 17h59.10 UTC:22888: Shook hands with server 'op4us1opsscan01.domain.net<http://op4us1opsscan01.domain.net/>' port 9393. lib serv:WARNING:2018-02-22 17h59.10 UTC:22888: openvas_server_verify: the certificate is not trusted lib serv:WARNING:2018-02-22 17h59.10 UTC:22888: openvas_server_verify: the certificate hasn't got a known issuer On the client I am getting this: lib serv: DEBUG:2018-02-22 18h05.53 utc:20431: Shook hands with peer. md main: DEBUG:2018-02-22 18h05.53 utc:20431: Serving OMP. But in the GUI all I see is Status: Requested and it never changes. Any idea why this is not working? Louis ::::: Louis Bohm - Sr. Systems Engineer Dell TechDirect Certified
_______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
