Installed GVM 11 on Debian Buster VM from source https://sadsloth.net/post/install-gvm11-src-on-debian. Everythings woks as expected but I ask myself how it’s possible to use an own SSL Certificate from my own CA from a raspberry ? The whole SSL stuff for GVM11 is installed with a “gvm-manage-certs -a” but this installed an own CA with all the certs.

All what I need is to create a SAN CSR with the hostnames from the debian VM and sign it with my own raspberry CA.

gvm-manage-certs -R creates a signing request but I cannot install the signed cert ??

debian-gvm10:/tmp/tmp.JWI92vPYzZ# gvm-manage-certs -i debian-gvm.pem
ERROR: Files to install (/tmp/tmp.5CIWYVLNjx/key.pem and /tmp/tmp.5CIWYVLNjx/cert.pem) not found. Aborting.

the greenborne certification is a big hole of shit if you ask me. I found no usable or helpful howto about using an own SSL cert. who can help ?


AFAIK gvm-manage-certs is just a helper script and only optional / not required. If it doesn’t provide the functionality you are looking for or is lacking documentation how to use it you can also just use openssl or even Let’s Encrypt / a commercial CA signed cert and then point gsad and to the certificate and private keys:

gsad --help

  -k, --ssl-private-key=<file>           Use <file> as the private key for HTTPS
  -c, --ssl-certificate=<file>           Use <file> as the certificate for HTTPS

A post was split to a new topic: Can’t start gsad