Add-on is configured to obtain data from Tenable nessusd (Nessus) 7.1.3 [build M20120] for Linux
Error in logs
[SSL: CERTIFICATE_VERIFY_FAILED] certificate verification failed.
SSL Connection test
New, TLSv1/SSLv3, Cipher is AES128-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : AES128-SHA
Session-ID:
Session-ID-ctx:
Master-Key: EFB3E32FE3292430D26CE3BE6B5DF3FB9D6ECE9922687B0ECD51A7B82A31B11342F43CD30A1671FFCE030AE4D047B381
Start Time: 1535474072
Timeout : 300 (sec)
Verify return code: 0 (ok)
Certificate Authority used for this connection - Lets Encrypt
Let's Encrypt was not listed in the cert. Store for the Add-on.
I updated the list with this command = cat /etc/ssl/certs/ca-bundle.crt >> /opt/splunk/etc/apps/Splunk_TA_nessus/bin/splunktalib/httplib2/cacerts.txt
There may be a solution that is more elegant. For example, to ship updated version of the library, or rely on system libraries. But, that is a much larger discussion.
SSL Certificate is validated by the Add-on and operating as expected. This solved my issue.
@yarick This did not solve my problem , is there any way we can disable SSL ?
@bharathnetskope- If you have access to the Tenable Support Portal, there should be a spec. That describes if that is supported. It was not in the version of SC I was using.
@yarick I see the same error with the app ---> https://splunkbase.splunk.com/app/5677/
Please let me know how to fix it
@vijaysri- I have not used this particular app, the same should apply -
Check if your app is providing a cacerts bundle OR update version of the same provided on a system-wide level (OS not Splunk).
Let's Encrypt was not listed in the cert. Store for the Add-on.
I updated the list with this command = cat /etc/ssl/certs/ca-bundle.crt >> /opt/splunk/etc/apps/Splunk_TA_nessus/bin/splunktalib/httplib2/cacerts.txt
There may be a solution that is more elegant. For example, to ship updated version of the library, or rely on system libraries. But, that is a much larger discussion.
SSL Certificate is validated by the Add-on and operating as expected. This solved my issue.