[Openvas-discuss] OpenVAS broke itself :(

Russell Jones russell-list at jonesmail.me
Mon May 12 18:14:48 CEST 2014


Hi all,

We came in this morning to an OpenVAS installation that stopped all 
scans at 1%. The openvassd.log file revealed:

[Sun May 11 06:00:12 2014][19746] [19746] failed to verify the peer 
certificate:
[Sun May 11 06:00:12 2014][19746] [19746]    The certificate has expired
[Sun May 11 06:00:12 2014][19746] [19746]    The certificate is invalid
[Mon May 12 14:24:40 2014][20543] [20543] failed to verify the peer 
certificate:
[Mon May 12 14:24:40 2014][20543] [20543]    The certificate has expired
[Mon May 12 14:24:40 2014][20543] [20543]    The certificate is invalid
[Mon May 12 14:24:40 2014][20545] [20545] failed to verify the peer 
certificate:
[Mon May 12 14:24:40 2014][20545] [20545]    The certificate has expired
[Mon May 12 14:24:40 2014][20545] [20545]    The certificate is invalid


I have regenerated certificates via both openvas-mkcert and 
openvas-mkcert-client. I manually installed the client certificates as 
requested by the script. Unfortunately that has not corrected the issue. 
I can login to GSAD as the admin user, and click "start" on a task. 
However after doing that it immediately shows the error:

An internal error occurred while getting the filter list. The current 
list of filters is not available. Diagnostics: Failure to receive 
response from manager daemon.

The manager log shows:

md   main:WARNING:2014-05-12 16h09.16 UTC:21624: read_from_server: 
failed to read from server: A TLS packet with unexpected length was 
received.
md   main:WARNING:2014-05-12 16h09.21 UTC:21623: read_from_server: 
failed to read from server: A TLS packet with unexpected length was 
received.
event task:MESSAGE:2014-05-12 16h09.21 UTC:21623: Status of task COM - 
Weekly deep scan (d40d6eea-fb8b-44f9-8132-4262c19e3e9f) has changed to 
Stopped

Restarting openvasmd reports:

lib auth:   INFO:2014-05-12 16h12.06 utc:21660: Authentication 
configuration not found.


Any ideas on how to get the setup back to a working state? I've tried 
openvasmd --rebuild as well with no success. Not sure what else it needs 
to be happy :-)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20140512/c52fe13b/attachment.html>


More information about the Openvas-discuss mailing list