SSL/TLS Setup

Setting Up SSL Certificates for ScanSuite and DefectDojo

Since ScanSuite and DefectDojo are separate installations, each requires its own set of domain names and SSL certificates. This guide provides clear instructions to set up SSL certificates for both services.

1: Register Domain Names

Register the required domain names in your DNS configuration. For example:

  • scansuite.yourdomain.com

  • dojo.yourdomain.com


2: Stop the Servers

Before applying the SSL certificates, stop both the ScanSuite and DefectDojo servers by running:

cd ~/apps/scansuite && docker compose down -t 0
cd ~/apps/scansuite/defectdojo && docker compose down -t 0


3: Obtain SSL Certificates

Obtain SSL certificates from your local Certificate Authority (CA). If your ScanSuite server is publicly accessible, you can obtain an SSL certificate using Let's Encrypt as described below:

Install Certbot

sudo snap install certbot --classic

Generate SSL Certificates

sudo certbot certonly --register-unsafely-without-email --agree-tos -d scansuite.yourdomain.com
sudo certbot certonly --register-unsafely-without-email --agree-tos -d dojo.yourdomain.com


4: Replace SSL Keys and Certificates

For ScanSuite:

Copy the newly generated SSL certificate and key to the ~/apps/scansuite/services/nginx/certs/ directory.

Ensure that the file names cert.pem and key.pem are preserved.

For DefectDojo:

Copy the SSL certificate and key to the ~/apps/scansuite/defectdojo/certs directory.

Ensure that the file names nginx.crt and nginx.key are preserved.

Both files must be readable by the user. If they are not, run:

cd ~/apps/scansuite/defectdojo/certs && chmod +r nginx.crt nginx.key


5: Start the Servers

Start both ScanSuite and DefectDojo:

cd ~/apps/scansuite/defectdojo && docker compose up -d
cd ~/apps/scansuite && ./start-scansuite


6: Verify SSL Certificate Loading

Check the Nginx logs to confirm that the certificates are loaded correctly:

cd ~/apps/scansuite/defectdojo && docker compose logs nginx

cd ~/apps/scansuite && docker compose logs nginx

If any errors appear, double-check the certificate paths and permissions.
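Most certificate loading errors come from a key that does not belong to the certificate, a certificate issued for the other hostname, or a wrong file name. The script below is an added example, not part of ScanSuite or DefectDojo: it checks each pair before copying it under the file names from step 4. It assumes certbot wrote to its default /etc/letsencrypt/live/<domain>/ directory (fullchain.pem and privkey.pem); the function names and the APP_DIR variable are made up for this example.

```sh
#!/bin/sh
# Added example (not part of ScanSuite or DefectDojo).
# Assumption: certbot used its default output directory /etc/letsencrypt/live/<domain>/.

# True if the certificate and the private key carry the same public key.
pair_matches() {  # cert key
  c=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
  k=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
  [ -n "$c" ] && [ "$c" = "$k" ]
}

# True if the certificate is valid for the given DNS name.
cert_covers_host() {  # cert hostname
  openssl x509 -in "$1" -noout -checkhost "$2" 2>/dev/null |
    grep -q 'does match certificate'
}

# True if the certificate is still valid N seconds from now.
cert_valid_for() {  # cert seconds
  openssl x509 -in "$1" -noout -checkend "$2" >/dev/null 2>&1
}

# Check a pair, then copy it under the file names the nginx container expects.
install_pair() {  # hostname src_cert src_key dest_dir cert_name key_name
  pair_matches "$2" "$3" || { echo "$1: key does not match certificate" >&2; return 1; }
  cert_covers_host "$2" "$1" || { echo "$1: name not in certificate" >&2; return 1; }
  cert_valid_for "$2" 86400 || { echo "$1: expires within 24 hours" >&2; return 1; }
  mkdir -p "$4" && cp "$2" "$4/$5" && cp "$3" "$4/$6" &&
    chmod +r "$4/$5" "$4/$6"   # same permission change as in step 4
}

# Runs only when called as:
#   sudo APP_DIR=/home/<user>/apps/scansuite sh install-certs.sh install
if [ "${1:-}" = "install" ]; then
  LE=/etc/letsencrypt/live
  APP=${APP_DIR:-$HOME/apps/scansuite}
  install_pair scansuite.yourdomain.com \
    "$LE/scansuite.yourdomain.com/fullchain.pem" \
    "$LE/scansuite.yourdomain.com/privkey.pem" \
    "$APP/services/nginx/certs" cert.pem key.pem &&
  install_pair dojo.yourdomain.com \
    "$LE/dojo.yourdomain.com/fullchain.pem" \
    "$LE/dojo.yourdomain.com/privkey.pem" \
    "$APP/defectdojo/certs" nginx.crt nginx.key
fi
```

Reading /etc/letsencrypt/live requires root, so pass APP_DIR explicitly when running under sudo, where $HOME may point to root's home directory.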
