Page 1 of 2
CHECK_NRPE: Error - Could not complete SSL handshake.
Posted: Fri Apr 22, 2016 9:55 am
by trafalgargirl
Hi all
A new error appeared yesterday with one of the clients I have been monitored on Nagios.
CHECK_NRPE: Error - Could not complete SSL handshake.
The server in question is running Ubuntu 12.04. I checked the nrpe.cfg file on the server and for some reason the IP address was changed to something other than my nagios server - so I have corrected that.
Still getting the issues though. Any other thoughts?
Thanks
(oh and still a newbie)
Re: CHECK_NRPE: Error - Could not complete SSL handshake.
Posted: Fri Apr 22, 2016 10:13 am
by hsmith
After you changed that, did you restart xinetd/nrpe?
Code: Select all
service xinetd restart
or
service nrpe restart
Which one of those commands you use is going to depend on how NRPE was installed.
Re: CHECK_NRPE: Error - Could not complete SSL handshake.
Posted: Fri Apr 22, 2016 10:17 am
by trafalgargirl
sorry I should have been clearer - yes I did. No change.
Re: CHECK_NRPE: Error - Could not complete SSL handshake.
Posted: Fri Apr 22, 2016 10:28 am
by trafalgargirl
I double checked the nrpe file under xinetd.d and have the following:
# default: on
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
flags = REUSE
socket_type = stream
port = 5666
wait = no
user = nagios
group = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
log_on_failure += USERID
disable = no
only_from = correct IP address
}
nrpe (END)
Re: CHECK_NRPE: Error - Could not complete SSL handshake.
Posted: Fri Apr 22, 2016 2:13 pm
by tmcdonald
We have quite a few pages worth of troubleshooting for NRPE in this doc:
https://assets.nagios.com/downloads/nag ... utions.pdf
I'd take a look at that, run through everything in section III, and let us know if you still need assistance.
Re: CHECK_NRPE: Error - Could not complete SSL handshake.
Posted: Mon Apr 25, 2016 12:49 pm
by trafalgargirl
Hi all
I have indeed gone through the help doc - and everything looks as it should. I believe I mentioned (but me worth repeating...) that this was initially working but then stopped. So these two reasons are why I am at a bit of a loss....
Thanks
Re: CHECK_NRPE: Error - Could not complete SSL handshake.
Posted: Mon Apr 25, 2016 4:56 pm
by rkennedy
What happens if you run the check with -n? Does it return a result?
Can you try appending -t 60 to the end of your command as well? It could be hitting a timeout throttle.
Re: CHECK_NRPE: Error - Could not complete SSL handshake.
Posted: Fri May 27, 2016 12:36 pm
by trafalgargirl
Hi all
I am sorry for the late reply on this one: this had to go to the back burner since we had some other emergencies. Now of course this has become one...
I finally got access to the nagios server... so I ran the following at eloyd's suggestion:
[root@ip-10-182-83-244 nagiosxi]# /usr/local/nagios/libexec/check_nrpe -H target ip -n
CHECK_NRPE: Error receiving data from daemon.
Re: CHECK_NRPE: Error - Could not complete SSL handshake.
Posted: Mon May 30, 2016 2:48 am
by Box293
Can you show us the steps you followed in this guide, including the commands executed and the output produced:
https://assets.nagios.com/downloads/nag ... utions.pdf
Re: CHECK_NRPE: Error - Could not complete SSL handshake.
Posted: Tue May 31, 2016 9:08 am
by trafalgargirl
Here is what I have gone through:
nrpe: allowed_hosts=127.0.0.1,5X.XXX.XX.XX
xinetd: only_from = 127.0.0.1 5X.XXX.XX.XXX
root@ip-172-31-28-147:~# service xinetd restart
xinetd stop/waiting
xinetd start/running, process 29321
root@ip-172-31-28-147:/etc/init.d# service nagios-nrpe-server stop
* Stopping nagios-nrpe nagios-nrpe [ OK ]
root@ip-172-31-28-147:/etc/init.d# service nagios-nrpe-server start
* Starting nagios-nrpe nagios-nrpe
root@ip-172-31-28-147:/etc/init.d# service xinetd status
xinetd start/running, process 29321
I also double checked the firewall rules in AWS (where the server is hosted) and see that indeed 5666 is open.