If you try to start a task you’ll get:
Operation: Start Task Status code: 503 Status message: Service temporarily down
In /var/lib/openvasmd.log you can find something like this:
lib serv:WARNING:2016-09-02 08h21.18 UTC:4546: Failed to shake hands with peer: The TLS connection was non-properly terminated. lib serv:WARNING:2016-09-02 08h21.18 UTC:4546: Failed to shutdown server socket event task:MESSAGE:2016-09-02 08h21.18 UTC:4546: Task 256f8360-1ec7-4675-a6ab-415fd5fb9483 could not be started by admin
The fix is mentioned in a text document you can find here or just following the steps bellow:
- Stop scanner
systemctl stop openvas-scanner
- Stop manager
systemctl stop openvas-manager
- Make the certs with the command (pressing enter will fill in the defaults in the brackets):
openvas-mkcert -f
- Make the client certs with the command:
openvas-mkcert-client -i -n
- Get the scanner uid with the command (gives you an uid like “08b69003-5fc2-4037-a479-93b440211c73”):
openvasmd --get-scanners
- Update scanner and keys with the command (you will need to replace the uid in this command with the uid provided from the previous step):
openvasmd --modify-scanner "08b69003-5fc2-4037-a479-93b440211c73" --scanner-ca-pub /var/lib/openvas/CA/cacert.pem --scanner-key-pub /var/lib/openvas/CA/clientcert.pem --scanner-key-priv /var/lib/openvas/private/CA/clientkey.pem
For Debian it can be slightly different. Thanks mansuamen:
openvasmd –modify-scanner “08b69003-5fc2-4037-a479-93b440211c73” –scanner-ca-pub /usr/local/var/lib/openvas/CA/cacert.pem –scanner-key-pub /usr/local/var/lib/openvas/CA/clientcert.pem –scanner-key-priv /usr/local/var/lib/openvas/private/CA/clientkey.pem
- Sync the feeds using the command:
openvas-nvt-sync
- Start the scanner using the command:
systemctl start openvas-scanner
- Rebuild openvas databases using the command:
openvasmd --rebuild
- Start openvas manager using the command:
systemctl start openvas-manager
- Start Greenbone using the command:
systemctl start gsad
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
