Certificates on port 1515

286 views
Skip to first unread message

Jorge Padilla

unread,
Dec 23, 2022, 4:54:52 PM12/23/22
to Wazuh mailing list
I have Wazuh APP 4.0.3 rev 4014 with elasticsearch-oss.x86_64 7.9.1-1 opendistroforelasticsearch.noarch 1.11.0-1 in All in One installation in a Red Hat instance.

A recent vulnerability scan says that the certificates running on port 1515 are expired, I generate a cert/key par and put  in ossec.conf What I need to do additional? Restarting wazuh-manager or are another step?

Greetings

Lucio Donda

unread,
Dec 26, 2022, 10:59:50 AM12/26/22
to Wazuh mailing list
Hi Jorge,
I guess you have already checked this guide. Following the setup guide after creating the certs there's a restart so I'm thinking that's an excellent way to continue, have you already tried that? is that vulnerability issue still appearing?
That 1515 port is used by the agent enrollment, have you changed any of the default configurations reading it?

Jorge Padilla

unread,
Dec 27, 2022, 8:22:24 PM12/27/22
to wa...@googlegroups.com

Hi Lucio

The system has one year of existence, its not a new installation.

The certificates are expired, the certificates  that used on agent enrollment.

I create new key/cert pair and put in the ossec.conf, If I resetar wazuh manager works or I need to do another procedure to renew the certificates?

Greetings,

--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/b2c6505e-8a4c-48ae-b6a2-7b8693a3e37fn%40googlegroups.com.

Lucio Donda

unread,
Dec 28, 2022, 6:17:22 AM12/28/22
to Wazuh mailing list
Hi, 
Indeed restarting manager would be needed, but that shouldn't impact on the system usage, are you having any doubts regarding manager restart?
Reply all
Reply to author
Forward
0 new messages