Vulnerability scans in Risk Automation Suite using SecureRecon with Nessus are not running or completing. The error below is showing in the RAS vulnerability scan history.
There was no output data from scanner. Scanner IP : x.x.x.x [date and time][17247.0] SSL_CTX_set_cipher_list: error:140E6118:SSL routines:SSL_CIPHER_PROCESS_RULESTR:invalid command [date and time][17247.0] SSL_connect: error:14094413:SSL routines:SSL3_READ_BYTES:sslv3 alert unsupported certificate nessus : SSL error
Login to RAS portal and delete the current Nessus scanner
Edit nessusd.conf and remove the line: “ssl_cipher_list =SSLv2:-LOW:-EXPORT:RC4+RSA”
Restart nessus: service nessusd stop service nessusd start
mv RASAgent.conf RASAgent.conf.old
Reconfigure SecureRecon ./SecureRecon –s SecureRecon version 18.104.22.168, copyright Symantec Corporation 2010 Which scanner do you want to integrate with?   Nessus Enter the full path to the Nessus client executable (0) :/opt/nessus/bin/nessus Enter the full path to the Nessus configuration file () : /opt/nessus/etc/nessus/nessusd.conf Enter the full path to the Nessus plugins directory () : /opt/nessus/lib/nessus/plugins Enter the Nessus server IP/hostname () :localhost Enter the Nessus port (0) :1241 Enter the Nessus user () :….. Enter the Nessus user's password () : …… Enter the number of IP addresses to batch per scan (10) :5 Enter the number of the output file type you want to use (0)  .nbe  .nessus enter 1 Enter the number of the logging level you want to use (0)  Low  Medium  High enter 2 SecureRecon interactive setup is complete.