Retrieving the certificate that should be imported to my browser via API

praveen.kumar's Avatar


31 Jan, 2018 03:10 PM


I have hosted arachni(Rest API) on the cloud .
I want to scan 'https' site. Is it possible for me to retrieve the certificate that should be imported to my browser via. API?
Also, in the documentation it is mentioned that I can use .pem files when running arachini, What is the location of these files? I found many pem files and I'm not sure which I should be using

--ssl-ca FILE Location of the CA certificate (.pem). If provided, peer verification will be enabled, otherwise no verification will take place.

--ssl-private-key FILE Location of the SSL private key (.pem).

--ssl-certificate FILE Location of the SSL certificate (.pem).

  1. Support Staff 1 Posted by Tasos Laskos on 05 Feb, 2018 02:25 PM

    Tasos Laskos's Avatar

    First of all, are you sure you're in compliance with the license?

    Secondly, yes but you'll need to retrieve it yourself, also you shouldn't need to do that in the first place, peer verification is disabled by default.

    Thirdly, those options are for the REST server unless I'm mistaken, not the scan itself.

Reply to this discussion

Internal reply

Formatting help / Preview (switch to plain text) No formatting (switch to Markdown)

Attaching KB article:


Attached Files

You can attach files up to 10MB

If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac