Hi everyone,
I’m working with Greenbone Community Edition deployed via Docker on an Ubuntu 24.04 virtual machine. I followed the official Docker setup and successfully accessed the GSA web interface over port 9392.
Now, I want to automate scan task creation from an external inventory management system located on a different server. To do that, I need to access gvmd via TCP over port 9390 using GMP.
Here’s what I tried:
• I enabled port 9390 in docker-compose.yml and mapped it to 0.0.0.0:9390.
• Inside the container, I verified that gvmd listens on UNIX domain socket, but not on TCP.
• I attempted to start gvmd manually with the following options:
gvmd --listen=0.0.0.0 --port=9390 \
--cert=/etc/gvm/certs/server-cert.pem \
--key=/etc/gvm/certs/server-key.pem \
--ca-cert=/etc/gvm/certs/cacert.pem
However, I received this error:
gvmd: g_option_context_parse: Unknown option --cert=/etc/gvm/certs/server-cert.pem
It seems that gvmd does not support TLS options via command line, and maybe even doesn’t support listening on a TCP port directly anymore.
My question is:
• What is the recommended way to allow external systems to connect to gvmd via GMP over TCP+TLS?
• Should I use a proxy such as stunnel to wrap the UNIX domain socket in TLS?
• Or is there an official or documented method to configure gvmd for secure remote access?
Thanks in advance for your guidance — I’d really like to follow best practices here and make sure the integration is secure and aligned with the Greenbone ecosystem.