Adding New UsersConfiguring OpenVAS-ServerConfiguring OpenVAS-ServerGenerating a Server Certificate

Generating a Server Certificate

For security reasons, communication between the OpenVAS server and client is only possible through SSL encrypted connections. In order to establish an SSL encrypted connection, the server needs to have an SSL certificate. If the machine OpenVAS-Server is running on does not have a certificate, you will have to generate one yourself.

The easiest way to do this is through the openvas-mkcert script provided by the OpenVAS-Server package. This will generate two certificates: one certificate for a local certificate authority (CA) and a second certificate for the OpenVAS server which is signed by the CA and is presented to connecting clients.

However, in case you want or have to consider a X.509 Public Key Infrastructure (PKI), you may of course use a certificate signed by the respective CA, which is e.g. done by your trust center.

Adding New UsersConfiguring OpenVAS-ServerConfiguring OpenVAS-ServerGenerating a Server Certificate