Hi,
I am using check_http plugin and url is working fine but while checking on nagiosxi it is showing ssl connection issue as shown below.
[nagios@nagmonm102.innovate.ibm.com ~]$ /usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -S -p 8080
CRITICAL - Cannot make SSL connection.
140666050189232:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794:
check_http throwing CRITICAL - Cannot make SSL connection.
Re: check_http throwing CRITICAL - Cannot make SSL connectio
Run the following:
and if it fails:
The --sni switch is sometimes required for some sites and the -v option will give us verbose output from the check_http command.
Code: Select all
/usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -S -p 8080 --sniCode: Select all
/usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -S -p 8080 -v
/usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -S -p 8080 --sni -vAs of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: check_http throwing CRITICAL - Cannot make SSL connectio
Hi,
I ran below commands and this is output I got
[root@nagmonm102 ~]# /usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -S -p 8080 --sni
CRITICAL - Cannot make SSL connection.
140293867984816:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794:
[root@nagmonm102 ~]# /usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -S -p 8080 -v
CRITICAL - Cannot make SSL connection.
140223705757616:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794:
SSL initialized
[root@nagmonm102 ~]# /usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -S -p 8080 --sni -v
CRITICAL - Cannot make SSL connection.
140482069182384:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794:
SSL initialized
I ran below commands and this is output I got
[root@nagmonm102 ~]# /usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -S -p 8080 --sni
CRITICAL - Cannot make SSL connection.
140293867984816:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794:
[root@nagmonm102 ~]# /usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -S -p 8080 -v
CRITICAL - Cannot make SSL connection.
140223705757616:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794:
SSL initialized
[root@nagmonm102 ~]# /usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -S -p 8080 --sni -v
CRITICAL - Cannot make SSL connection.
140482069182384:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794:
SSL initialized
Re: check_http throwing CRITICAL - Cannot make SSL connectio
Are you sure that SSL is required? The url uses http instead of https. What is the output of these:
?
Code: Select all
/usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -p 8080 --sni -v
/usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -p 8080 -vAs of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: check_http throwing CRITICAL - Cannot make SSL connectio
Hi,
I have ran below commands and this is the output
[root@nagmonm102 libexec]# /usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -p 8080 --sni -v
GET http://fraplops101.os.net.ibm.com:8080/ HTTP/1.1
User-Agent: check_http/v2.3.3 (nagios-plugins 2.3.3)
Connection: close
Host: fraplops101.os.net.ibm.com:8080
Accept: */*
http://fraplops101.os.net.ibm.com:8080http://fraplops101.os.net.ibm.com:8080/ is 1551 characters
STATUS: HTTP/1.1 403 Forbidden
**** HEADER ****
Connection: close
Date: Thu, 25 Feb 2021 11:55:00 GMT
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.4d66ac98=node0yl4vbr3btd1whpwr7855gfiu8222.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.249.3
X-Jenkins-Session: 782231e7
X-You-Are-Authenticated-As: anonymous
X-You-Are-In-Group-Disabled: JENKINS-39402: use -Dhudson.security.AccessDeniedException2.REPORT_GROUP_HEADERS=true or use /whoAmI to diagnose
X-Required-Permission: hudson.model.Hudson.Read
X-Permission-Implied-By: hudson.security.Permission.GenericRead
X-Permission-Implied-By: hudson.model.Hudson.Administer
Content-Length: 793
Server: Jetty(9.4.30.v20200611)
**** CONTENT ****
<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>
Authentication required
<!--
You are authenticated as: anonymous
Groups that you are in:
Permission you need to have (but didn't): hudson.model.Hudson.Read
... which is implied by: hudson.security.Permission.GenericRead
... which is implied by: hudson.model.Hudson.Administer
-->
</body></html>
HTTP WARNING: HTTP/1.1 403 Forbidden - 1551 bytes in 0.177 second response time |time=0.176841s;;;0.000000 size=1551B;;;0
/usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -p 8080 -v
GET http://fraplops101.os.net.ibm.com:8080/ HTTP/1.1
User-Agent: check_http/v2.3.3 (nagios-plugins 2.3.3)
Connection: close
Host: fraplops101.os.net.ibm.com:8080
Accept: */*
http://fraplops101.os.net.ibm.com:8080http://fraplops101.os.net.ibm.com:8080/ is 1551 characters
STATUS: HTTP/1.1 403 Forbidden
**** HEADER ****
Connection: close
Date: Thu, 25 Feb 2021 11:55:00 GMT
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.4d66ac98=node0yl4vbr3btd1whpwr7855gfiu8222.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.249.3
X-Jenkins-Session: 782231e7
X-You-Are-Authenticated-As: anonymous
X-You-Are-In-Group-Disabled: JENKINS-39402: use -Dhudson.security.AccessDeniedException2.REPORT_GROUP_HEADERS=true or use /whoAmI to diagnose
X-Required-Permission: hudson.model.Hudson.Read
X-Permission-Implied-By: hudson.security.Permission.GenericRead
X-Permission-Implied-By: hudson.model.Hudson.Administer
Content-Length: 793
Server: Jetty(9.4.30.v20200611)
**** CONTENT ****
<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>
Authentication required
<!--
You are authenticated as: anonymous
Groups that you are in:
Permission you need to have (but didn't): hudson.model.Hudson.Read
... which is implied by: hudson.security.Permission.GenericRead
... which is implied by: hudson.model.Hudson.Administer
-->
</body></html>
HTTP WARNING: HTTP/1.1 403 Forbidden - 1551 bytes in 0.177 second response time |time=0.176841s;;;0.000000 size=1551B;;;0
[root@nagmonm102 libexec]# clear
[root@nagmonm102 libexec]# /usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -p 8080 -v
GET http://fraplops101.os.net.ibm.com:8080/ HTTP/1.1
User-Agent: check_http/v2.3.3 (nagios-plugins 2.3.3)
Connection: close
Host: fraplops101.os.net.ibm.com:8080
Accept: */*
http://fraplops101.os.net.ibm.com:8080http://fraplops101.os.net.ibm.com:8080/ is 1551 characters
STATUS: HTTP/1.1 403 Forbidden
**** HEADER ****
Connection: close
Date: Thu, 25 Feb 2021 11:56:05 GMT
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.4d66ac98=node0fg2std9o27e61ypotfd82ubg8223.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.249.3
X-Jenkins-Session: 782231e7
X-You-Are-Authenticated-As: anonymous
X-You-Are-In-Group-Disabled: JENKINS-39402: use -Dhudson.security.AccessDeniedException2.REPORT_GROUP_HEADERS=true or use /whoAmI to diagnose
X-Required-Permission: hudson.model.Hudson.Read
X-Permission-Implied-By: hudson.security.Permission.GenericRead
X-Permission-Implied-By: hudson.model.Hudson.Administer
Content-Length: 793
Server: Jetty(9.4.30.v20200611)
**** CONTENT ****
<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>
Authentication required
<!--
You are authenticated as: anonymous
Groups that you are in:
Permission you need to have (but didn't): hudson.model.Hudson.Read
... which is implied by: hudson.security.Permission.GenericRead
... which is implied by: hudson.model.Hudson.Administer
-->
</body></html>
HTTP WARNING: HTTP/1.1 403 Forbidden - 1551 bytes in 0.177 second response time |time=0.177076s;;;0.000000 size=1551B;;;0
[root@nagmonm102 libexec]# /usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -p 8080
HTTP WARNING: HTTP/1.1 403 Forbidden - 1552 bytes in 0.176 second response time |time=0.176434s;;;0.000000 size=1552B;;;0
[root@nagmonm102 libexec]# /usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -p 8080 -v
GET http://fraplops101.os.net.ibm.com:8080/ HTTP/1.1
User-Agent: check_http/v2.3.3 (nagios-plugins 2.3.3)
Connection: close
Host: fraplops101.os.net.ibm.com:8080
Accept: */*
http://fraplops101.os.net.ibm.com:8080http://fraplops101.os.net.ibm.com:8080/ is 1551 characters
STATUS: HTTP/1.1 403 Forbidden
**** HEADER ****
Connection: close
Date: Thu, 25 Feb 2021 12:20:38 GMT
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.4d66ac98=node0rn5h11yj8v294ulz2u15agnz8225.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.249.3
X-Jenkins-Session: 782231e7
X-You-Are-Authenticated-As: anonymous
X-You-Are-In-Group-Disabled: JENKINS-39402: use -Dhudson.security.AccessDeniedException2.REPORT_GROUP_HEADERS=true or use /whoAmI to diagnose
X-Required-Permission: hudson.model.Hudson.Read
X-Permission-Implied-By: hudson.security.Permission.GenericRead
X-Permission-Implied-By: hudson.model.Hudson.Administer
Content-Length: 793
Server: Jetty(9.4.30.v20200611)
**** CONTENT ****
<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>
Authentication required
<!--
You are authenticated as: anonymous
Groups that you are in:
Permission you need to have (but didn't): hudson.model.Hudson.Read
... which is implied by: hudson.security.Permission.GenericRead
... which is implied by: hudson.model.Hudson.Administer
-->
</body></html>
HTTP WARNING: HTTP/1.1 403 Forbidden - 1551 bytes in 0.178 second response time |time=0.178214s;;;0.000000 size=1551B;;;0
I have ran below commands and this is the output
[root@nagmonm102 libexec]# /usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -p 8080 --sni -v
GET http://fraplops101.os.net.ibm.com:8080/ HTTP/1.1
User-Agent: check_http/v2.3.3 (nagios-plugins 2.3.3)
Connection: close
Host: fraplops101.os.net.ibm.com:8080
Accept: */*
http://fraplops101.os.net.ibm.com:8080http://fraplops101.os.net.ibm.com:8080/ is 1551 characters
STATUS: HTTP/1.1 403 Forbidden
**** HEADER ****
Connection: close
Date: Thu, 25 Feb 2021 11:55:00 GMT
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.4d66ac98=node0yl4vbr3btd1whpwr7855gfiu8222.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.249.3
X-Jenkins-Session: 782231e7
X-You-Are-Authenticated-As: anonymous
X-You-Are-In-Group-Disabled: JENKINS-39402: use -Dhudson.security.AccessDeniedException2.REPORT_GROUP_HEADERS=true or use /whoAmI to diagnose
X-Required-Permission: hudson.model.Hudson.Read
X-Permission-Implied-By: hudson.security.Permission.GenericRead
X-Permission-Implied-By: hudson.model.Hudson.Administer
Content-Length: 793
Server: Jetty(9.4.30.v20200611)
**** CONTENT ****
<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>
Authentication required
<!--
You are authenticated as: anonymous
Groups that you are in:
Permission you need to have (but didn't): hudson.model.Hudson.Read
... which is implied by: hudson.security.Permission.GenericRead
... which is implied by: hudson.model.Hudson.Administer
-->
</body></html>
HTTP WARNING: HTTP/1.1 403 Forbidden - 1551 bytes in 0.177 second response time |time=0.176841s;;;0.000000 size=1551B;;;0
/usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -p 8080 -v
GET http://fraplops101.os.net.ibm.com:8080/ HTTP/1.1
User-Agent: check_http/v2.3.3 (nagios-plugins 2.3.3)
Connection: close
Host: fraplops101.os.net.ibm.com:8080
Accept: */*
http://fraplops101.os.net.ibm.com:8080http://fraplops101.os.net.ibm.com:8080/ is 1551 characters
STATUS: HTTP/1.1 403 Forbidden
**** HEADER ****
Connection: close
Date: Thu, 25 Feb 2021 11:55:00 GMT
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.4d66ac98=node0yl4vbr3btd1whpwr7855gfiu8222.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.249.3
X-Jenkins-Session: 782231e7
X-You-Are-Authenticated-As: anonymous
X-You-Are-In-Group-Disabled: JENKINS-39402: use -Dhudson.security.AccessDeniedException2.REPORT_GROUP_HEADERS=true or use /whoAmI to diagnose
X-Required-Permission: hudson.model.Hudson.Read
X-Permission-Implied-By: hudson.security.Permission.GenericRead
X-Permission-Implied-By: hudson.model.Hudson.Administer
Content-Length: 793
Server: Jetty(9.4.30.v20200611)
**** CONTENT ****
<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>
Authentication required
<!--
You are authenticated as: anonymous
Groups that you are in:
Permission you need to have (but didn't): hudson.model.Hudson.Read
... which is implied by: hudson.security.Permission.GenericRead
... which is implied by: hudson.model.Hudson.Administer
-->
</body></html>
HTTP WARNING: HTTP/1.1 403 Forbidden - 1551 bytes in 0.177 second response time |time=0.176841s;;;0.000000 size=1551B;;;0
[root@nagmonm102 libexec]# clear
[root@nagmonm102 libexec]# /usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -p 8080 -v
GET http://fraplops101.os.net.ibm.com:8080/ HTTP/1.1
User-Agent: check_http/v2.3.3 (nagios-plugins 2.3.3)
Connection: close
Host: fraplops101.os.net.ibm.com:8080
Accept: */*
http://fraplops101.os.net.ibm.com:8080http://fraplops101.os.net.ibm.com:8080/ is 1551 characters
STATUS: HTTP/1.1 403 Forbidden
**** HEADER ****
Connection: close
Date: Thu, 25 Feb 2021 11:56:05 GMT
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.4d66ac98=node0fg2std9o27e61ypotfd82ubg8223.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.249.3
X-Jenkins-Session: 782231e7
X-You-Are-Authenticated-As: anonymous
X-You-Are-In-Group-Disabled: JENKINS-39402: use -Dhudson.security.AccessDeniedException2.REPORT_GROUP_HEADERS=true or use /whoAmI to diagnose
X-Required-Permission: hudson.model.Hudson.Read
X-Permission-Implied-By: hudson.security.Permission.GenericRead
X-Permission-Implied-By: hudson.model.Hudson.Administer
Content-Length: 793
Server: Jetty(9.4.30.v20200611)
**** CONTENT ****
<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>
Authentication required
<!--
You are authenticated as: anonymous
Groups that you are in:
Permission you need to have (but didn't): hudson.model.Hudson.Read
... which is implied by: hudson.security.Permission.GenericRead
... which is implied by: hudson.model.Hudson.Administer
-->
</body></html>
HTTP WARNING: HTTP/1.1 403 Forbidden - 1551 bytes in 0.177 second response time |time=0.177076s;;;0.000000 size=1551B;;;0
[root@nagmonm102 libexec]# /usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -p 8080
HTTP WARNING: HTTP/1.1 403 Forbidden - 1552 bytes in 0.176 second response time |time=0.176434s;;;0.000000 size=1552B;;;0
[root@nagmonm102 libexec]# /usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -p 8080 -v
GET http://fraplops101.os.net.ibm.com:8080/ HTTP/1.1
User-Agent: check_http/v2.3.3 (nagios-plugins 2.3.3)
Connection: close
Host: fraplops101.os.net.ibm.com:8080
Accept: */*
http://fraplops101.os.net.ibm.com:8080http://fraplops101.os.net.ibm.com:8080/ is 1551 characters
STATUS: HTTP/1.1 403 Forbidden
**** HEADER ****
Connection: close
Date: Thu, 25 Feb 2021 12:20:38 GMT
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.4d66ac98=node0rn5h11yj8v294ulz2u15agnz8225.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.249.3
X-Jenkins-Session: 782231e7
X-You-Are-Authenticated-As: anonymous
X-You-Are-In-Group-Disabled: JENKINS-39402: use -Dhudson.security.AccessDeniedException2.REPORT_GROUP_HEADERS=true or use /whoAmI to diagnose
X-Required-Permission: hudson.model.Hudson.Read
X-Permission-Implied-By: hudson.security.Permission.GenericRead
X-Permission-Implied-By: hudson.model.Hudson.Administer
Content-Length: 793
Server: Jetty(9.4.30.v20200611)
**** CONTENT ****
<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>
Authentication required
<!--
You are authenticated as: anonymous
Groups that you are in:
Permission you need to have (but didn't): hudson.model.Hudson.Read
... which is implied by: hudson.security.Permission.GenericRead
... which is implied by: hudson.model.Hudson.Administer
-->
</body></html>
HTTP WARNING: HTTP/1.1 403 Forbidden - 1551 bytes in 0.178 second response time |time=0.178214s;;;0.000000 size=1551B;;;0
Re: check_http throwing CRITICAL - Cannot make SSL connectio
It looks like the site requires authentication. Are you able to access the site if you put it in your browser? Check_http can do basic authentication with the "-a" flag:
Code: Select all
/usr/local/nagios/libexec/check_http -H fraplops101.os.net.ibm.com -u http://fraplops101.os.net.ibm.com:8080/ -p 8080 -v -a username:passwordAs of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.