Hi,
I started using the NCPA as a replacement for NRPE and NSClient.
I'm trying to understand the SSL option in NCPA.
I want to create for each VM a self signed certificate and configure it with NCPA.
From what I read I can configure the .key and .crt in ncpa.cfg.
The only problem I have is how XI can get notifications with all those difference certificate if I don't configure in the XI server anything?
What I'm missing here?
I will appreciate an explanation.
SSL Certificate with NCPA
Re: SSL Certificate with NCPA
Hello @elade
Thanks for reaching out, you only need one pair a public and a private key. The Nagios server holds the private key and all the servers to get monitored get the public keys. Meaning the servers to be monitored would all get the same key.
https://www.nagios.org/ncpa/help/2.1/configuration.html
Thanks,
Perry
Thanks for reaching out, you only need one pair a public and a private key. The Nagios server holds the private key and all the servers to get monitored get the public keys. Meaning the servers to be monitored would all get the same key.
https://www.nagios.org/ncpa/help/2.1/configuration.html
Thanks,
Perry
Re: SSL Certificate with NCPA
Hi,
Where I configure the private key in Xi server?
The crt and private key I configure in NCPA?
Where I configure the private key in Xi server?
The crt and private key I configure in NCPA?
Re: SSL Certificate with NCPA
Hello @elade
Thanks for following up, the 'crt/key' are configured in the ncpa.cfg.
Thanks,
Perry
Thanks for following up, the 'crt/key' are configured in the ncpa.cfg.
Specify the crt/key on the ncpa server-side and ncpa client-side.certificate ad-hoc { If left adhoc, a new self-signed certificate will be generated and used for the server.} Allows you to specify the file name for the SSL certificate you wish to use with the internal HTTPS server. If using adhoc - a new self-signed certificate will be generated on startup if one does not already exist. The default cert is located in the main install directory at /usr/local/ncpa/var/ncpa.crt on install. For custom certificates, you must give the location to the .crt and the .key file as a comma-separated value.
Options: adhoc or <path to .crt>,<path to .key>
Thanks,
Perry
Re: SSL Certificate with NCPA
Hi pbroste,
What about the XI? where I configure the private key?
What about the XI? where I configure the private key?
Re: SSL Certificate with NCPA
Hello @elade
The Nagios server application does not interact with the NCPA agent, however, the Nagios server will execute the 'check_ncpa.py' client for the host and service checks. The key pair on the Nagios XI server-side would be for example; "/usr/local/ncpa/var/ncpa.key"
Thanks,
Perry
The Nagios server application does not interact with the NCPA agent, however, the Nagios server will execute the 'check_ncpa.py' client for the host and service checks. The key pair on the Nagios XI server-side would be for example; "/usr/local/ncpa/var/ncpa.key"
Thanks,
Perry