Could not complete SSL handshake.
Posted: Wed Dec 16, 2015 6:03 pm
Hello forum,
I've got a situation where I can't seem to find the answer
server1:/opt/nagios/libexec$ ./check_nrpe -H localhost
CHECK_NRPE: Error - Could not complete SSL handshake.
Same site, same package installed
server2:/opt/nagios/libexec$ ./check_nrpe -H localhost
NRPE v2.12
nrpe.cfg from server1
# ALLOWED HOST ADDRESSES
# This is an optional comma-delimited list of IP address or hostnames
# that are allowed to talk to the NRPE daemon.
#
# Note: The daemon only does rudimentary checking of the client's IP
# address. I would highly recommend adding entries in your /etc/hosts.allow
# file to allow only the specified host to connect to the port
# you are running this daemon on.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
#allowed_hosts=127.0.0.1
nrpe.cfg from server2
# ALLOWED HOST ADDRESSES
# This is an optional comma-delimited list of IP address or hostnames
# that are allowed to talk to the NRPE daemon.
#
# Note: The daemon only does rudimentary checking of the client's IP
# address. I would highly recommend adding entries in your /etc/hosts.allow
# file to allow only the specified host to connect to the port
# you are running this daemon on.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
#allowed_hosts=127.0.0.1
As you can see, they are the same, we don't change this and always leave it as pre-defined in the package.
Os server1;
Solaris 10 11/06 s10s_u3wos_10 SPARC
Copyright 2006 Sun Microsystems, Inc. All Rights Reserved.
Use is subject to license terms.
Assembled 14 November 2006
Os server2;
Solaris 10 11/06 s10s_u3wos_10 SPARC
Copyright 2006 Sun Microsystems, Inc. All Rights Reserved.
Use is subject to license terms
I was thinking, maybe this is related to the missing SUNWcry package
Server1
[root@server1:etc/init.d] # pkginfo | grep -i SUNWcry
[root@server1:etc/init.d] #
Server2
[root@server2:/] # pkginfo | grep -i SUNWcry
[root@server2:/] #
so also on server2 this package is not there, and it's working fine...
Even when I install package 2.15 (what we also use) it's not working
when I run NRPE without SSL, I get an answer back.
But since we use this worldwide for over 9000 servers (and increasng) max will be 25.000 probable... there are only 2 servers that have this issue, and this is one of them...
there is realy nothing I can find how to fix this issue..
So I hope someone can point me to the right direction
Thank you forum to help me out!!
I've got a situation where I can't seem to find the answer
server1:/opt/nagios/libexec$ ./check_nrpe -H localhost
CHECK_NRPE: Error - Could not complete SSL handshake.
Same site, same package installed
server2:/opt/nagios/libexec$ ./check_nrpe -H localhost
NRPE v2.12
nrpe.cfg from server1
# ALLOWED HOST ADDRESSES
# This is an optional comma-delimited list of IP address or hostnames
# that are allowed to talk to the NRPE daemon.
#
# Note: The daemon only does rudimentary checking of the client's IP
# address. I would highly recommend adding entries in your /etc/hosts.allow
# file to allow only the specified host to connect to the port
# you are running this daemon on.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
#allowed_hosts=127.0.0.1
nrpe.cfg from server2
# ALLOWED HOST ADDRESSES
# This is an optional comma-delimited list of IP address or hostnames
# that are allowed to talk to the NRPE daemon.
#
# Note: The daemon only does rudimentary checking of the client's IP
# address. I would highly recommend adding entries in your /etc/hosts.allow
# file to allow only the specified host to connect to the port
# you are running this daemon on.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
#allowed_hosts=127.0.0.1
As you can see, they are the same, we don't change this and always leave it as pre-defined in the package.
Os server1;
Solaris 10 11/06 s10s_u3wos_10 SPARC
Copyright 2006 Sun Microsystems, Inc. All Rights Reserved.
Use is subject to license terms.
Assembled 14 November 2006
Os server2;
Solaris 10 11/06 s10s_u3wos_10 SPARC
Copyright 2006 Sun Microsystems, Inc. All Rights Reserved.
Use is subject to license terms
I was thinking, maybe this is related to the missing SUNWcry package
Server1
[root@server1:etc/init.d] # pkginfo | grep -i SUNWcry
[root@server1:etc/init.d] #
Server2
[root@server2:/] # pkginfo | grep -i SUNWcry
[root@server2:/] #
so also on server2 this package is not there, and it's working fine...
Even when I install package 2.15 (what we also use) it's not working
when I run NRPE without SSL, I get an answer back.
But since we use this worldwide for over 9000 servers (and increasng) max will be 25.000 probable... there are only 2 servers that have this issue, and this is one of them...
there is realy nothing I can find how to fix this issue..
So I hope someone can point me to the right direction
Thank you forum to help me out!!