Cert not recognized error

Post by **BanditBBS** » Thu Dec 09, 2021 4:48 pm

OK, so the AD was setup using no security and they are now blocking that and forcing SSL.

Changed the AD setup to use SSL and installed the 2 certs but I get

Unable to authenticate: TLS error -8179:Peer's Certificate issuer is not recognized.

I then took a look at this: https://support.nagios.com/kb/article.php?id=524 and ran through it just to validate. It made no difference, still the same error. Here is the listing from the certs folder:

Code: Select all

[root@xxxxxxxx cacerts]# ll
total 0
lrwxrwxrwx 1 apache apache 37 Dec  9 16:24 61b2740782c19.0 -> /etc/openldap/certs/61b2740782c19.pem
lrwxrwxrwx 1 apache apache 37 Dec  9 16:25 61b27444f274f.0 -> /etc/openldap/certs/61b27444f274f.pem

Post by **pbroste** » Fri Dec 10, 2021 3:51 pm

Hello @BanditBBS

Thanks for reaching out and wanted to find out if you verified the cert/cert chain?

Code: Select all

openssl verify -CAfile certificate-chain.pem certificate.pem

let us know how things look,
Perry

Post by **BanditBBS** » Mon Dec 13, 2021 9:20 am

Code: Select all

[root@xxxxxxx cacerts]# openssl verify -CAfile /etc/openldap/certs/61b279fb0ea85.pem /etc/openldap/certs/61b279f022cfa.pem
/etc/openldap/certs/61b279f022cfa.pem: OK

So that seems to have verified OK, so not sure what the issue could be.

Post by **pbroste** » Mon Dec 13, 2021 6:38 pm

Hello @BanditBBS

Want to take a look through the System Profile when you get a chance.

Please PM your updated system profile if the issue persists.

To send us your system profile.

Login to the Nagios XI GUI using a web browser.
Click the "Admin" > "System Profile" Menu
Click the "Download Profile" button
Save the profile.zip file and send via Private Message

Thanks,
Perry

Nagios Support Forum

Cert not recognized error

Cert not recognized error

Re: Cert not recognized error

Re: Cert not recognized error

Re: Cert not recognized error