search

Mixeway / MixewayHub

Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and run images from docker hub.
https://mixeway.io
GNU General Public License v3.0
107 stars 17 forks source link

Error add new scanner (Nessus, Acunetix) #27

Closed sonpd2 closed 3 years ago

sonpd2 commented 3 years ago

When I add a new scanner, the response has error: {"status":"I/O error on GET request for \"https://private_ip:8834/editor/scan/templates\": sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target","requestId":null} Please show me how to fix it

sonpd2 commented 3 years ago

I found the way

nibiwodong commented 3 years ago

how to fix this?

nibiwodong commented 3 years ago

I see. Just use HTTP, do not use HTTPS

siewer commented 3 years ago

@nibiwodong moreinfo required what to fix. I assume You are trying to integrate with Nesus (please note that working integration in scope of scan creation and configuration, scan running and vulnerability loading works only with Nessus v6 and bellow, > v7 drop support for rest API)

If You have TLS on any scanner You want to use with Mixeway there is a requirement for Mixeway to trust it. If You are using corporate CA or self-signed certificate on nessus or any scanner You have to import it into MixewayHub's trust store by doing:

Mixeway TrustStore is in /pki/trust.jks (password in environment file)

to add scanner certificate to this store use: keytool -import -alias scanner-file <scanner.crt>-storetype JKS -keystore pki/trust.jks