NRPE: Could not complete SSL handshake

Andy Shellam andy.shellam-lists at mailnetwork.co.uk
Sun Apr 8 11:50:40 CEST 2007
Previous message: NRPE: Could not complete SSL handshake
Next message: NRPE: Could not complete SSL handshake
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Sorry this message bounced, trying it again...

Yes, and the last log entry was at 05:56 this morning when one of my 
client servers was rebooted.

Can I just stress that NO checks within Nagios are failing.  ALL checks 
that use NRPE are currently sitting with an OK state.  This is not 
causing a problem with any checks, that's why I want to know what's 
causing this error to be logged every 5 minutes when there's no problem 
anywhere.

It's almost as if there's another Nagios server somewhere trying to talk 
to my 3 machines - but I know this isn't the case because there's a 
firewall on one of them that only allows my Nagios server on that port.

Andy.



Jeffrey Lensen wrote:
> Do you have something like a nagios.log file? Where Nagios logs its 
> alerts, external commands,etc? You can set this in your nagios.cfg file.
> In here you should see something like:
> [1175986495] SERVICE ALERT: 
> ${host};${servicecheck};CRITICAL;SOFT;1;CHECK_NRPE: Could not complete 
> SSL handshake
>
> This should give you an idea where the problem lies.
>
> - Jeffrey
>
> Andy Shellam wrote:
>> Hi Jeffrey,
>>
>> That's what I thought - but as I said, all checks that use NRPE on any 
>> of these servers are succeeding, plus the times that the errors are 
>> logged do not correspond to a time that Nagios runs a check.
>>
>> Andy.
>>
>> Jeffrey Lensen wrote:
>>   
>>> Hey Andy,
>>>
>>> Have you tried running your NRPE checkcommands manually?
>>> ${NRPE_DIR}/check_nrpe -H ${host} -c ${command} -a 
>>> ${arguments_if_you_have_any}
>>> What does this return?
>>>
>>> Usually when you get an error like this, it means that you have not 
>>> specified the ipaddress of the Nagios server (doing the nrpe 
>>> checkcommands) in the nrpe.cfg on the machine(s) being checked.
>>> So make sure you have something like this:
>>>    allowed_hosts=127.0.0.1,${nagios_ip}
>>>
>>> Hope this helps,
>>>
>>> Jeffrey
>>>
>>>
>>> Andy Shellam wrote:
>>>     
>>>> Hi,
>>>>
>>>> I'm running NRPE 2.7.1 on a Fedora 6 machine.
>>>> My Nagios 2.8 server is talking to it fine, and all NRPE checks are 
>>>> succeeding.
>>>>
>>>> However, every 5 minutes I'm getting the following error logged in my 
>>>> /var/log/messages log on the FC6 machine:
>>>>
>>>> Apr  8 08:33:58 acs20aa6 nrpe[23649]: Error: Could not complete SSL 
>>>> handshake. 5
>>>>
>>>> Yet when I look in my /var/log/secure log (which stores every command 
>>>> run through sudo from NRPE), I cannot match the SSL handshake error 
>>>> to a time of a check attempt from my Nagios server, e.g. for the 
>>>> above error:
>>>>
>>>> Apr  8 08:31:10 acs20aa6 sudo:   nagios : TTY=unknown ; PWD=/ ; 
>>>> USER=root ; COMMAND=/usr/local/nagios/libexec/check_uptime
>>>> Apr  8 08:31:10 acs20aa6 sudo:   nagios : TTY=unknown ; PWD=/ ; 
>>>> USER=root ; COMMAND=/usr/local/nagios/libexec/check_dns -H 
>>>> portland-1.andyshellam.eu -a 89.200.137.203 -t 5 -w 3 -c 5
>>>> Apr  8 08:31:10 acs20aa6 sudo:   nagios : TTY=unknown ; PWD=/ ; 
>>>> USER=root ; COMMAND=/usr/local/nagios/libexec/check_load -w 5,4,3 -c 
>>>> 10,8,6
>>>> Apr  8 08:35:18 acs20aa6 sudo:   nagios : TTY=unknown ; PWD=/ ; 
>>>> USER=root ; COMMAND=/usr/local/nagios/libexec/check_disk -w 25% -c 
>>>> 10% -p /
>>>> Apr  8 08:35:19 acs20aa6 sudo:   nagios : TTY=unknown ; PWD=/ ; 
>>>> USER=root ; COMMAND=/usr/local/nagios/libexec/check_procs -w 1:1 -c 
>>>> 1:1 -C named
>>>> Apr  8 08:35:19 acs20aa6 sudo:   nagios : TTY=unknown ; PWD=/ ; 
>>>> USER=root ; COMMAND=/usr/local/nagios/libexec/check_swap -w 25% -c 10%
>>>> Apr  8 08:35:32 acs20aa6 sudo:   nagios : TTY=unknown ; PWD=/ ; 
>>>> USER=root ; COMMAND=/usr/local/nagios/libexec/check_procs -w 150 -c 200
>>>>
>>>> As you can see, there is no check being carried out at 8:33 (the time 
>>>> of the SSL error.)  Plus there are no failing NRPE checks on the 
>>>> Nagios server for this host.
>>>>
>>>> I'm baffled.
>>>>
>>>> I've just checked on 2 of my other machines, which are running NRPE 
>>>> 2.7.1 on Fedora 4 and FreeBSD 6.1, and they both have the same 
>>>> problem - a reported SSL handshake error when no checks were being 
>>>> carried out.
>>>>
>>>> Now, on the FreeBSD machine, it has a firewall only letting my Nagios 
>>>> server talk to port 5666, so I know it's not possible for it to be 
>>>> another Nagios machine somewhere.
>>>>
>>>> Any ideas what could be causing NRPE to fail a connection attempt 
>>>> every 5 minutes, when it doesn't appear to be Nagios talking to it?
>>>>
>>>> Thanks
>>>>
>>>> Andy
>>>>
>>>> ------------------------------------------------------------------------- 
>>>>
>>>> Take Surveys. Earn Cash. Influence the Future of IT
>>>> Join SourceForge.net's Techsay panel and you'll get the chance to 
>>>> share your
>>>> opinions on IT & business topics through brief surveys-and earn cash
>>>> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV 
>>>>
>>>> _______________________________________________
>>>> Nagios-users mailing list
>>>> Nagios-users at lists.sourceforge.net
>>>> https://lists.sourceforge.net/lists/listinfo/nagios-users
>>>> ::: Please include Nagios version, plugin version (-v) and OS when 
>>>> reporting any issue. ::: Messages without supporting info will risk 
>>>> being sent to /dev/null
>>>>   
>>>>       
>>>
>>>
>>>     
>>
>>
>> -------------------------------------------------------------------------
>> Take Surveys. Earn Cash. Influence the Future of IT
>> Join SourceForge.net's Techsay panel and you'll get the chance to share your
>> opinions on IT & business topics through brief surveys-and earn cash
>> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
>> _______________________________________________
>> Nagios-users mailing list
>> Nagios-users at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/nagios-users
>> ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
>> ::: Messages without supporting info will risk being sent to /dev/null
>>   
>
> !DSPAM:37,4618b5f489292745212073! 


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null
Previous message: NRPE: Could not complete SSL handshake
Next message: NRPE: Could not complete SSL handshake
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Users mailing list