Certificates on port 1515

[Jorge Padilla]

I have Wazuh APP 4.0.3 rev 4014 with elasticsearch-oss.x86_64 7.9.1-1 opendistroforelasticsearch.noarch 1.11.0-1 in All in One installation in a Red Hat instance.

A recent vulnerability scan says that the certificates running on port 1515 are expired, I generate a cert/key par and put  in ossec.conf What I need to do additional? Restarting wazuh-manager or are another step?

Greetings

[Lucio Donda]

Hi Jorge,
I guess you have already checked this guide. Following the setup guide after creating the certs there's a restart so I'm thinking that's an excellent way to continue, have you already tried that? is that vulnerability issue still appearing?
That 1515 port is used by the agent enrollment, have you changed any of the default configurations reading it?

[Jorge Padilla]

Hi Lucio

The system has one year of existence, its not a new installation.

The certificates are expired, the certificates  that used on agent enrollment.

I create new key/cert pair and put in the ossec.conf, If I resetar wazuh manager works or I need to do another procedure to renew the certificates?

Greetings,

--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/b2c6505e-8a4c-48ae-b6a2-7b8693a3e37fn%40googlegroups.com.

[Lucio Donda]

Hi, 
Indeed restarting manager would be needed, but that shouldn't impact on the system usage, are you having any doubts regarding manager restart?