Hello,
We are using Redhat 5.8, openssl version 0.98 and we are trying to check SSL connection for a webserver who has only TLS 1.2 enabled. We tried upgrading openssl version manually to OpenSSL 1.0.1k but we are still getting the following error while checking using --sssl=1.2[+] option:
====
# /usr/local/nagios/libexec/check_http -I xx.xx.xx.xx -S -f follow -u https://URL --ssl=1.2[+]
UNKNOWN - Disabling TLSv1.1 is not supported by your SSL library.
SSL initialized
====
Please advise on this.
CRITICAL - Cannot make SSL connection.
Re: CRITICAL - Cannot make SSL connection.
What version of check_http are you running? check_http -V The reason I ask is because there was a few bugs fixed with check_http in the most recent version of our nagios plugins. (2.1.2)
https://www.nagios.org/downloads/nagios-plugins/
Additionally, I don't think you need the [+] part in your command.
https://www.nagios.org/downloads/nagios-plugins/
Additionally, I don't think you need the [+] part in your command.
Former Nagios Employee
Re: CRITICAL - Cannot make SSL connection.
https://nagios-plugins.org/
The check_http -S/–ssl option now accepts the arguments “1.1” and “1.2” to force TLSv1.1 and TLSv1.2 connections, respectively
– The check_http -S/–ssl option now allows for specifying the desired protocol with a “+” suffix to also accept newer versions
Be sure to check out the Knowledgebase for helpful articles and solutions!