check_http SSL crashes
Posted: Tue Sep 11, 2018 12:57 am
Hi,
I'm having some trouble using check_http to test HTTPS addresses. It appears to be crashing.
Here's where I've got to so far in troubleshooting:
I've seen similar issues on the forums were caused by SSL errors (which looks to be the case here), however cURL (which is also linked against the same OpenSSL) is doing just fine. The certificate is a Let's Encrypt cert.
Does anyone know where I should go from here?
I'm having some trouble using check_http to test HTTPS addresses. It appears to be crashing.
Here's where I've got to so far in troubleshooting:
Code: Select all
# libexec/check_http -H my.site
HTTP OK: HTTP/1.1 301 Moved Permanently - 237 bytes in 0.609 second response time |time=0.609220s;;;0.000000 size=237B;;;0Code: Select all
# libexec/check_http -H my.site -S
CRITICAL - Cannot make SSL connection.
1:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:802:
Segmentation fault (core dumped)Code: Select all
# openssl s_client -connect my.site:443
CONNECTED(00000004)
1:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:802:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 295 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1536644707
Timeout : 300 (sec)
Verify return code: 0 (ok)
---Code: Select all
# openssl version -a
OpenSSL 1.0.2o 27 Mar 2018
built on: date not available
platform: information not available
options: bn(64,64) rc4(16x,int) des(ptr,cisc,16,int) blowfish(ptr)
compiler: information not available
OPENSSLDIR: "/etc/openssl"Code: Select all
# curl https://my.site
<normal page content>Does anyone know where I should go from here?