ERR_CONNECTION_REFUSED On web server

I installed openvas on my raspberrypi4 following the guide that is linked at the bottom of the post
When done I ran the command sudo openvas-start and I attempted to open the web interface with the addresses and port combinations:
127.0.0.1:9392, 9390, and 443
0.0.0.0:9392, 9390, and 443
localhost:9392, 9390, and 443
10.0.0.90:9392, 9390, and 443 (Static address for the Raspberrypi)

Every address and port gives me an ERR_CONNECTION_REFUSED error.
This has also affected my pihole web interface with the same error.
I will assume this issue may exist because something happened to the Lighttpd Daemon service because I’m not able to start it manually.

The only command that has given me some useful information is this: (Spaces are to bypass the hyperlink block)

Blockquote
wget --verbose localhost
–2020-02-14 18:41:55-- h t t p : / / l o c a l h o s t /
Resolving localhost (localhost)… 127.0.0.1
Connecting to localhost (localhost)|127.0.0.1|:80… connected.
HTTP request sent, awaiting response… 303 See Other
Location: h t t p s : / / l o c a l h o s t : 9 3 9 2 / l o g i n / l o g i n . h t m l [following]
–2020-02-14 18:41:55-- h t t p s : / / l o c a l h o s t : 9 3 9 2 / l o g i n / l o g i n . h t m l
Connecting to localhost (localhost)|127.0.0.1|:9392… connected.
ERROR: The certificate of ‘localhost’ is not trusted.
ERROR: The certificate of ‘localhost’ doesn’t have a known issuer.
The certificate’s owner does not match hostname ‘localhost’

GVM versions

gsa: (‘7.0.3’)
gvm: (‘Command not found’)
openvas-scanner: (‘5.1.3’)
gvm-libs: Command not found

Environment

Operating system: Raspian OS | Raspberry Pi4
Kernel: (‘4.19.97-v7l+’)
Installation method / source: Followed this guide: OpenVAS on the Raspberry Pi 4 works really well! – The Cruft Of My Brain

Maybe it’ll work if you put the hostname in the request?

E.g. in a console type:
hostname
and then use the result for the domain name part of the URL you put in the web browser started on said kali box.

1 Like

Not sure why gsad is configured to redirect from port 80 to https on port 9392. If you are already using port 80 it should redirected to https on port 443.

But nevertheless IMHO you have several options:

  • Let wget ignore the TLS cert validation (insecure)
  • Make wget aware of the TLS cert chain (certs are a bit complicated)
  • Run gsad on http only (insecure but ok at least for local connections)
  • Run gsad with a non self signed cert (get a cert from a well known authority)
3 Likes

I actually have Splunk running on one of my other Servers on port 443. I’m not sure how to change that one.

But speaking of Splunk, one of the sensors does tell me that HTTP Port 80 is refusing connection as well on the Pi.
Since you mentioned both of those ports, maybe there’s a port conflict?
So maybe I should try another port for the web interface with -r , –rport= PORT ?

As for one of your suggestions listed I tried Running gsad on http only. But got the error:

Warning: MHD_USE_THREAD_PER_CONNECTION must be used only with MHD_USE_INTERNAL_POLLING_THREAD. Flag MHD_USE_INTERNAL_POLLING_THREAD was added. Consider setting MHD_USE_INTERNAL_POLLING_THREAD explicitly.

and then use the result for the domain name part of the URL you put in the web browser started on said kali box.

Wait, I’m required to sign in to the web interface using only kali Linux? Because I’m trying to sign into it using windows via any web browser.

You can ignore that warning.

But nevertheless IMHO you have several options:

  • Let wget ignore the TLS cert validation (insecure)
  • Make wget aware of the TLS cert chain (certs are a bit complicated)
  • Run gsad on http only (insecure but ok at least for local connections)
  • Run gsad with a non self signed cert (get a cert from a well known authority)

I have done the first and third option you’ve suggested (with some warnings), I cannot figure out how to do the other options. I’m not exactly a Linux pro, but I know how to navigate it and do basic things.

Unfortunately, I still get the same result.

In this case you really should use our GCE VM! If you are not familiar with unix and configuring services on linux based systems it doesn’t make sense to talk about this issue, sorry. To fix this issue you need some understanding how SSL/TLS certificates work and howto configure the http client and our http server gsad.

1 Like