Nagios Support Forum

Posted: **Wed Oct 10, 2018 10:56 am**

Hi,

I am using Ubuntu Server 18.04 and have installed Nagios Core 4.4.2 (following this manual https://www.itzgeek.com/how-tos/linux/u ... 16-04.html).
and NRPE (following this manual https://www.itzgeek.com/how-tos/linux/c ... ios-3.html)
IP: x.x.x.3/24 (same subnet as Windows Example host)

Moreover I have Windows 2016 Server which is my example host. On this Win-Server I have installed NSCP-0.5.2.35-Win32.msi.
IP: x.x.x.20/24 (same subnet as Nagios Server)
My nsclient.ini is attached to this post.

The check_nt-checks are working fine.

Problem:
I am not able to use nrpe-checks.
Error-messages:

NAGIOS-WEBFRONTEND
"CHECK_NRPE: (ssl_err != 5) Error - Could not complete SSL handshake with x.x.x.20: 1"

NAGIOS-Server
"check_nrpe -H x.x.x.20"
--> CHECK_NRPE (ssl_err !=5) Error - could not complete SSL handshake with x.x.x.20:1"

I reinstalled this server 3 times and checked several nsclient-configurations but it didn't work.

Can anyone help me please? I am thankful for any ideas / suggestions

best wishes,
freakazoid

Posted: **Wed Oct 10, 2018 12:44 pm**

I think in your [/settings/NRPE/server] section you want to add

Code: Select all

use ssl = 1

Then restart nsclient++

Posted: **Thu Oct 11, 2018 12:50 am**

Thanks for the super fast reply.

I added "use ssl = 1" to the ini-file on the windows host.

When I check on the nagios-server ("check_nrpe -H <IP>.20"), I receive the same error message:

"CHECK_NRPE: (ssl_err !=5) Error - Could not complete SSL handshae with <IP>.20: 1"

Any other ideas?

best wishes,
freakazoid

Posted: **Thu Oct 11, 2018 10:41 am**

I added

level = debug

And did a "Check_nrpe -H <IP>"

I received this in the logs

eroor:c:\source\master\include\socket/connection.hpp:276: Failed to establish secure connection: sslv3 alert handshake failure 1040

Posted: **Fri Oct 12, 2018 2:03 am**

Hi,

are there any ideas / any suggestions?

Can anyone tell me how to analyze the problem so that I can find a solution by myself?

Thanks in advance.

Best wishes,
freakazoid

Posted: **Fri Oct 12, 2018 1:33 pm**

Edit the nsclient.ini file again and under this section

Code: Select all

[/settings/NRPE/server]

Add these options.

Code: Select all

ssl options = 
allow arguments = true
allow nasty characters = true
port = 5666
extended response = 1

Save the changes and restart the nsclient++ agent and let us know it this works.

Without the enpty ssl option settings, I think the Nsclient++ agent is selecting an incompatible ssl setting for the plugin.
The other options are needed for accepting arguments, etc...

Posted: **Mon Oct 15, 2018 5:18 am**

Thank you for your response.

I added the lines to the ini-file, yet the response is still the same

Code: Select all

CHECK_NRPE: (ssl_err != 5) Error - Could not complete SSL handshake with <HOST_IP>: 1

Do you need any other information?

Posted: **Mon Oct 15, 2018 8:53 am**

Can you post the nsclient.ini file and the nsclient.log file from this folder on the Windows system?

Code: Select all

C:\Program Files\NSClient++

Thanks

Posted: **Mon Oct 15, 2018 9:38 am**

Thank you for your Reply.

Attached the two needed files.

Posted: **Mon Oct 15, 2018 12:13 pm**

I would reinstall the check_nrpe plugin on the Nagios server using the following source installation instructions.

https://support.nagios.com/kb/article.php?id=515

At the bottom of the page, look for the following section.

Installing The Nagios Plugins

I feel that the plugin you currently have installed, may not have SSL enabled so it will have to be recompiled.

Nagios Support Forum

NRPE not working (SSL-Handshake)

NRPE not working (SSL-Handshake)

Re: NRPE not working (SSL-Handshake)

Re: NRPE not working (SSL-Handshake)

Re: NRPE not working (SSL-Handshake)

Re: NRPE not working (SSL-Handshake)

Re: NRPE not working (SSL-Handshake)

Re: NRPE not working (SSL-Handshake)

Re: NRPE not working (SSL-Handshake)

Re: NRPE not working (SSL-Handshake)

Re: NRPE not working (SSL-Handshake)