SSL Problems - Error: could not use CA certificate file

konffi · Post by **konffi** » Thu Oct 29, 2020 2:32 pm

Hello everybody,

i am currently trying to encrypt the nrpe checks via ssl. I have followed the following instructions: https://support.nagios.com/kb/article.php?id=519
I have created all necessary certificates and stored them on my Nagios server and client.
First function tests have already been passed. Using the following command:

Code: Select all

root@nagios_server:/usr/local/nagios/etc# /usr/local/nagios/libexec/check_nrpe -A /usr/local/nagios/etc/ssl/ca/ca_cert.pem -C /usr/local/nagios/etc/ssl/nagios_server_certs/nagios_server.pem -K /usr/local/nagios/etc/ssl/nagios_server_certs/nagios_server.key -H xxxxxxxx
NRPE v4.0.3

The errors occur when I want to set the nrpe client to require SSL. I do this by making the following change in nrpe.cfg:

Code: Select all

ssl_client_certs=2

When I restart the service the following error message is shown:

Code: Select all

Oct 29 19:12:51 client nrpe[11796]: Error: could not use CA certificate file '/usr/local/nagios/etc/ssl/ca-cert.pem #: No such file or directory

The directory in which the files are located has the correct permissions in my opinion

Code: Select all

-rw-r--r-- 1 nagios nagios 2.1K Oct 28 20:23 ca_cert.pem
-rw------- 1 nagios nagios 1.7K Oct 28 20:22 client_nrpe_cert.key
-rw-r--r-- 1 nagios nagios 1.8K Oct 28 20:22 client_nrpe_cert.pem

Did anyone have a similar problem or a solution ?
Many thanks in advance!

Best regards
Konffi

gormank · Post by **gormank** » Thu Nov 05, 2020 4:53 pm

Maybe the dir isn't readable by the nagios user? As the nagios user:

ls -l /usr/local/nagios/etc/ssl/ca-cert.pem

Nagios Support Forum

SSL Problems - Error: could not use CA certificate file

SSL Problems - Error: could not use CA certificate file

Re: SSL Problems - Error: could not use CA certificate file