Jul 272012

This line did it:


Net::Nessus::XMLRPC, which calls LWP::UserAgent, didn’t emit any hints why something that had been working for many months suddenly doesn’t when I am forced to port to a new system… same OS, how could it go wrong?

Turns out LWP changed the default behavior that had been around forever – now it dies if a cert isn’t kompletely kosher.  Since virtually every Nessus install will fail the cert verify, it now dies silently.  Just lovely.

I hate security.  And people who think certs are the answer and cause me grief.

(In case you’re wondering, put that line above in a perl script that tries to connect to nessus.  And hope something else doesn’t change from out from under you.)

Sorry, the comment form is closed at this time.