Changing a SSL Certificate for Web UI

[QuaiGoner]

Hello, i am trying to find a way to put my SSL cert on web UI, but GSAD service is dead and WEb UI is working But netstat tells me that GSAD is listening on 443 Where can i point WEB ui to a new certificate?

[yu210148]

Hi there,

Humm, that's a good question. I run mine with the default self signed certificate so I've never tried to add one manually. I'm not sure if this is a compile time issue or not. It might be worth the folks who maintain gsad. If there's some flag I can set in the installer script when it compiles I can do that but I don't know if it is or not.

If anyone else who sees this has any ideas let us know.

Kev.

On Wed, Aug 31, 2022, 10:10 PM QuaiGoner @.***> wrote:

Hello, i am trying to find a way to put my SSL cert on web UI, but GSAD service is dead and WEb UI is working [image: image] https://user-images.githubusercontent.com/41058180/187817184-af8c11a2-63a2-4b51-ba73-4896ed8b39cf.png But netstat tells me that GSAD is listening on 443 [image: image] https://user-images.githubusercontent.com/41058180/187817312-2ed19f59-9092-475d-91f1-fa40e8e12297.png Where can i point WEB ui to a new certificate?

— Reply to this email directly, view it on GitHub https://github.com/yu210148/gvm_install/issues/90, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAKFY4INAP2AW5CLYVP32XLV4AF77ANCNFSM6AAAAAAQB5CRAM . You are receiving this because you are subscribed to this thread.Message ID: @.***>

[ankush-grover-3pg]

On Ubuntu 20.04 edit /etc/systemd/system/gsa.service and update the ExecStart line with the path to the certificate and private key. All the SSL certificates should be under 1 file like it is normally done for Nginx. Restart the gsa service and custom SSL certificate should work.

ExecStart=/usr/bin/sudo /opt/gvm/sbin/gsad --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1 -c /etc/ssl/nginx_bundle-ca -k /etc/ssl/private.key