Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Cannot make SSL connection

https://support.nagios.com/forum/viewtopic.php?t=34016

Page 2 of 2

Re: Cannot make SSL connection

Posted: Tue Aug 04, 2015 5:05 pm
by tmcdonald
We might want to do a remote for this one. Can you open a ticket and reference this thread? Just email [email protected] with a descriptive title and a link to this thread.

Re: Cannot make SSL connection

Posted: Thu Oct 08, 2015 3:04 pm
by mazeman
Were you guys able to find a way to monitor the ADFS URL?

I have a requirement to monitor logging into an ADFS SSO portal with user credentials and I haven't found a solution just yet.

Thanks!

-Kevin

Re: Cannot make SSL connection

Posted: Fri Oct 09, 2015 1:27 pm
by jdalrymple
We did end up resolving the issue. Discovered that check_http simply wasn't handling the output well. Here is the pertinent part of the resulting customer support ticket:
Since curl is having no problem with the URL I'm guessing this is actually just a shortcoming of check_http. check_http is wonderful at simple URLs with simple connectivity but is actually known to have some issues with SSL that's been munged by proxies and such, and it's unlikely those issues will ever be fixed since we can just use a 3rd party handler like curl.

There are plugins out there, but my personal recommendation just so you have a better understanding of what's going on is to write your own. I've used the curl template from this page for some of my own personal projects:

http://jon.netdork.net/2011/03/19/using ... -webpages/

The code in question:

#!/bin/sh
URL="http://www.google.com/search?q=nagios"
TMPFILE=`mktemp /tmp/google_watch.XXXXXX`
curl -s -o ${TMPFILE} ${URL} 2>/dev/null
if [ "$?" -ne "0" ];
then
echo "Unable to connect to ${URL}"
exit 2
fi
RES=`grep -i "www.nagios.org" ${TMPFILE}`
if [ "$?" -ne "0" ];
then
echo "String http://www.nagios.org not found in ${URL}"
exit 1
fi
echo "String found"
exit 0;

You can make some simple substitutions there to monitor your site. You'll need in your curl command those flags we set, -k and -L. Of course one oddity is going to be that the string you'll have to search for will be in that output that you shared:

<p>JavaScript is required. This web browser does not support JavaScript or JavaScript in this web browser is not enabled.</p>
<p>To find out if your web browser supports JavaScript or to enable JavaScript, see web browser help.</p>
Understandably parsing that output isn't TOO useful from the perspective of an end user, but this is a limitation of the webpage, not the software doing the monitoringing. In order to get more useful input the check will have to be much more complicated, implementing a browser engine such as selenium or node.js - we can go down that road if you want, but you should be aware it's a long one.

Does all that make sense? Are you comfortable throwing together your own plugin or did you want me to put one together for you? Here is the documentation on managing custom plugins for NagiosXI
All times are UTC-05:00
Page 2 of 2

Powered by phpBB® Forum Software © phpBB Limited