"check_http --ssl" problem
Ton Voon
ton.voon at altinity.com
Fri Mar 17 00:43:33 CET 2006
On 16 Mar 2006, at 20:29, Emmett Hogan wrote:
> Wow...this is a first for me in my dealings with Nagios and the list.
> Usually, one of the "super smart" folks on this list sees what the
> problem is in a matter of minutes..but not this time.
That's a taunt if ever I heard one!
Try the plugins snapshot at http://nagiosplug.sourceforge.net/
snapshot. Sean Finney has done some cleanup for SSL connections and I
think this is fixed in there.
Ton
>
> Has no one else tried to verify ssl certs on a web server which
> requires
> STRONG encryption from a nagios server running Redhat v4 x86_64? :-(
>
> Anybody have any suggestions?
>
> -Emmett
>
> Emmett Hogan wrote:
>> Hi Folks,
>>
>> I am having a very strange problem. I am moving nagios to a new
>> server
>> and updating to V2.0 (from V2.0b1), at the same time upgrading from
>> nagios-plugins-1.4beta to nagios-plugins-1.4.2.
>>
>> The big difference, and I think the source of my problem, is that
>> I am
>> going from Debian Linux to Redhat Enterprise Linux.
>>
>> In a nutshell, "check_http --ssl" doesn't work for our servers which
>> REQUIRE strong encryption.
>>
>> Examples:
>>
>> On our OLD Debian machine (everything is great):
>>
>> # ./check_http -V
>> check_http (nagios-plugins 1.4-beta1) 1.79
>>
>> # ./check_http -v -C 60 --ssl www.wellsfargo.com
>> SSL seeding: OK
>> OK - Certificate will expire on 08/19/2006 23:59.
>>
>> # ./check_http -v -C 60 --ssl my-web-server
>> SSL seeding: OK
>> OK - Certificate will expire on 08/14/2011 18:21.
>>
>> New Redhat Server:
>>
>> # ./check_http -V
>> check_http (nagios-plugins 1.4.2) 1.81
>>
>> # ./check_http -v -C 60 --ssl www.wellsfargo.com
>> SSL seeding: OK
>> OK - Certificate will expire on 08/19/2006 23:59.
>>
>> # ./check_http -v -C 120 --ssl my-web-server
>> SSL seeding: OK
>> CRITICAL - Cannot retrieve server certificate.
>>
>> This happens even if I compile version 1.79 on the Redhat box and
>> try to
>> run it. So, I figured it must be an ssl library problem...right?
>> Nope. I grabbed the latest openssl, compiled it, and used it to
>> build
>> both versions of check_http, and got the exact same problem.
>>
>> I receive this error even when checking to make sure the https
>> side is
>> up and running:
>>
>> # ./check_http --ssl -v my-web-server
>> SSL seeding: OK
>> CRITICAL - Cannot retrieve server certificate.
>>
>> I am pretty sure it has to do with my requirement of strong
>> encryption
>> within my Apache server, but it works fine with my old setup.
>>
>> Has anyone else on the list run into this problem before??
>>
>> Any help would be GREATLY appreciated!
>>
>> Thanks,
>> Emmett
>>
http://www.altinity.com
T: +44 (0)870 787 9243
F: +44 (0)845 280 1725
Skype: tonvoon
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list