Page 1 of 1
NRDP without TLS
Posted: Tue Jan 15, 2019 6:45 am
by hubertbugaj
How can I disable TLS for NRDP? At the moment I get "302 Found" code and redirect to "https://<IP>/nrdp" after executing, for example, curl http://<IP>/nrdp. The software I am using can't really speak TLS (nor handle redirects, most probably).
I get that would decrease security level of the system, but it's an internal test network so it's not a big issue.
Using Nagios XI 5.5.8 on CentOS 7.5.1804
Re: NRDP without TLS
Posted: Tue Jan 15, 2019 2:33 pm
by scottwilkerson
you should be sending to the https://<IP>/nrdp/ address instead of http://<IP>/nrdp
Re: NRDP without TLS
Posted: Wed Jan 16, 2019 2:58 am
by hubertbugaj
Unfortunately this is not possible (http is hardcoded). Resolved this by disabling https redirects in/etc/httpd/conf.d/nagiosxi.conf . My heart bleeds.
Re: NRDP without TLS
Posted: Wed Jan 16, 2019 8:29 am
by scottwilkerson
hubertbugaj wrote:Unfortunately this is not possible (http is hardcoded). Resolved this by disabling https redirects in/etc/httpd/conf.d/nagiosxi.conf . My heart bleeds.
If you hardcoded that in your solution, then I would have done the same thing.
Can we lock the topic?
Re: NRDP without TLS
Posted: Wed Jan 16, 2019 8:46 am
by hubertbugaj
Yes, thanks for your support.
Re: NRDP without TLS
Posted: Wed Jan 16, 2019 9:32 am
by scottwilkerson
hubertbugaj wrote:Yes, thanks for your support.
great locking