All Apps and Add-ons

Why am I getting a "SSL: CERTIFICATE_VERIFY_FAILED" error despite having valid certificates in Splunk Add-on for Tenable?

Path Finder

Add-on is configured to obtain data from Tenable nessusd (Nessus) 7.1.3 [build M20120] for Linux

Error in logs

[SSL: CERTIFICATE_VERIFY_FAILED] certificate verification failed.

SSL Connection test

New, TLSv1/SSLv3, Cipher is AES128-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : AES128-SHA
Session-ID:
Session-ID-ctx:
Master-Key: EFB3E32FE3292430D26CE3BE6B5DF3FB9D6ECE9922687B0ECD51A7B82A31B11342F43CD30A1671FFCE030AE4D047B381
Start Time: 1535474072
Timeout : 300 (sec)
Verify return code: 0 (ok)

Certificate Authority used for this connection - Lets Encrypt

0 Karma
1 Solution

Path Finder

Let's Encrypt was not listed in the cert. Store for the Add-on.

I updated the list with this command = cat /etc/ssl/certs/ca-bundle.crt >> /opt/splunk/etc/apps/Splunk_TA_nessus/bin/splunktalib/httplib2/cacerts.txt

There may be a solution that is more elegant. For example, to ship updated version of the library, or rely on system libraries. But, that is a much larger discussion.

SSL Certificate is validated by the Add-on and operating as expected. This solved my issue.

View solution in original post

0 Karma

Path Finder

Let's Encrypt was not listed in the cert. Store for the Add-on.

I updated the list with this command = cat /etc/ssl/certs/ca-bundle.crt >> /opt/splunk/etc/apps/Splunk_TA_nessus/bin/splunktalib/httplib2/cacerts.txt

There may be a solution that is more elegant. For example, to ship updated version of the library, or rely on system libraries. But, that is a much larger discussion.

SSL Certificate is validated by the Add-on and operating as expected. This solved my issue.

View solution in original post

0 Karma