Hello,
I installed FreeBSD 12, which have NRPE3 in the ports.
NRPE is running:
# ps aux | grep nrpe
nagios 13356 0.0 0.1 14860 5616 - Is 22:11 0:00.00 /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
[1576622259] Starting up daemon
[1576622259] SETUP_WAIT_CONN FOR: IPv4 address: :: ((null))
[1576622259] Server listening on :: port 5666.
[1576622259] SETUP_WAIT_CONN FOR: IPv4 address: 0.0.0.0 ((null))
[1576622259] Server listening on 0.0.0.0 port 5666.
[1576622259] Warning: Daemon is configured to accept command arguments from clients!
[1576622259] Listening for connections on port 5666
[1576622259] Allowing connections from: 127.0.0.1,::1,86.155.0.252
# openssl version
OpenSSL 1.1.1a-freebsd 20 Nov 2018
However when I am trying to test it, I am getting this error:
CHECK_NRPE: (ssl_err != 5) Error - Could not complete SSL handshake with 127.0.0.1: 1
Is there any known issue with OpenSSL 1.1.x and FreeBSD 12 which affect NRPE3?
I remember when I tried with FreeBSD 11 was working
Thanks
Andrew
Freebsd 12 and NRPE 3 - SSL issue
-
Box293
- Too Basu
- Posts: 5126
- Joined: Sun Feb 07, 2010 10:55 pm
- Location: Deniliquin, Australia
- Contact:
Re: Freebsd 12 and NRPE 3 - SSL issue
Can you follow this KB article to see if it resolves your issue:
https://support.nagios.com/kb/article/n ... e-615.html
https://support.nagios.com/kb/article/n ... e-615.html
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Freebsd 12 and NRPE 3 - SSL issue
Hello,
I tried the options but didn't work, still getting the same problem. I have seen somewhere that there is a problem with OpenSSL 1.1.x, not sure if is still an issue?
Thanks
Andrew
I tried the options but didn't work, still getting the same problem. I have seen somewhere that there is a problem with OpenSSL 1.1.x, not sure if is still an issue?
Thanks
Andrew
-
Box293
- Too Basu
- Posts: 5126
- Joined: Sun Feb 07, 2010 10:55 pm
- Location: Deniliquin, Australia
- Contact:
Re: Freebsd 12 and NRPE 3 - SSL issue
How did you install NRPE? Did you follow any specific guide?
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Freebsd 12 and NRPE 3 - SSL issue
Initially, I installed it by using ports and I had the issue that mentioned. Later on I tried to install from source by using this guide:
https://www.jordansphere.co.uk/installi ... sd-server/
also this guide:
https://support.nagios.com/kb/article.p ... 06#FreeBSD
but I was getting this error.....
/usr/local/bin/ld: /tmp//cc6TZJfd.o: in function `get_dh2048':
/tmp/nrpe-nrpe-3.2.1/src/./../include/dh.h:42: undefined reference to `DH_set0_pqg'
collect2: error: ld returned 1 exit status
*** Error code 1
Regards,
Andrew
https://www.jordansphere.co.uk/installi ... sd-server/
also this guide:
https://support.nagios.com/kb/article.p ... 06#FreeBSD
but I was getting this error.....
/usr/local/bin/ld: /tmp//cc6TZJfd.o: in function `get_dh2048':
/tmp/nrpe-nrpe-3.2.1/src/./../include/dh.h:42: undefined reference to `DH_set0_pqg'
collect2: error: ld returned 1 exit status
*** Error code 1
Regards,
Andrew
Re: Freebsd 12 and NRPE 3 - SSL issue
If you're running Nagios on Ubuntu 18.04, it could be that NRPE on FreeBSD is presenting a 512 byte DH key. Ubuntu 18.04 will refuse that key outright. Check out the enhanced security document, and see if it fixes the issue.
https://support.nagios.com/kb/article.php?id=519
https://support.nagios.com/kb/article.php?id=519
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Be sure to check out our Knowledgebase for helpful articles and solutions!