On Tue, 17 Dec 2002, Don Maxwell wrote: > Connections from NessusWX 1.4.2 to nessusd 1.2.7 result in these messages: > Nessus Console [Version 1.4.2] Ready > SSL library initialized > Connecting to server nessushost (port 1241) using TLSv1 encrypted > connection... > SSL connection using DES-CBC3-SHA > ERROR: Server doesn't support NTP/1.2 protocol. Connection terminated. > > I "upgraded" last Friday to OpenSSL 9.6g, after which my Nessus activity was > fine. After a server reboot today, Nessus now fails with the error message > above. After a new OpenSSL upgrade, the server cert was accepted, so there > was some communication to start with.
I haven't yet tried 1.2.7, but I suspect you have a problem with your certs. The specific error message you received indicates the NessusWX client managed to connect to the server and send the initial protocol request but didn't get anything back, likely because the server couldn't validate the client certification. Try using the OpenSSL s_client command to connect to your server; eg, "openssl s_client -connect yourhost:1241 -tls1 -cert cert_nessuswx_yourusername.pem -CAfile /usr/local/com/nessus/CA/cacert.pem" [adjust the filenames to match your setup]. You may wish to play around with the -debug and -verify options as well as use openssl's x509 command to examine your certificates. George -- [EMAIL PROTECTED] - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
