Hello everyone,
I have installed the tenable integration which asks me to generate an API key to be able to use it and perform the ingest.
When I noticed that the logs were not arriving I proceeded to review the log that the agent reports and I see that there is a certificate problem because the site is not https, I would like to know if you know any command to add in the integration in advanced options to skip that validation.
You said the site is not HTTPS, but your error log shows it is using HTTPS.
The error says the Agent doesn't trust the Tenable API since the SSL cert was signed by an unknown authority.
You can add the CA cert in the advanced settings area just below the API Key fields.
Hello,
Thank you for answering, what you mention is through a command and specifying a path? or I add the certificate in a similar way to the one that appears as a sample but this as a comment?
Sorry, I am not good with certificates.
You can navigate to the Tenable URL in your web browser and look at the certificate information. If you can then click on the cert details then the export button.
Open the file you exported via notepad and you will get the base64 version of the cert that looks similar to my previous screenshot.
If you have multiple Root certs in the chain (A Root CA then an intermediate Cert - this is shown in my attached example) then you need to add both of those to the cert details for the Agent.
I will give it a try, thank you very much for your valuable help.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
