Nagios Support Forum

Hi,
I'm probably not phrasing my search queries for the forum to find the info I need
for PCI compliance, they want to use a signed cert for the NCPA agent, but I can not find where Nagios keeps the certificate in order to replace it with a Geotrust Cert

Can you help?

Thank you in advance

Hello @jenstar13

There's a setting in the main configuration file to specify the path to the certificate.

Allows you to specify the file name for the SSL certificate you wish to use with the internal HTTPS server. If using adhoc - a new self-signed certificate will be generated and used for the server. The default cert is located in the main install directory at /usr/local/ncpa/ncpa.crt on install.
Options: adhoc or <path to certificate>

After updating, restart the ncpa_listener service and try accessing the Web GUI.

Also, you might find this forum thread helpful:
NCPA SSl Certificate

Let us know if you get it installed and working.

Hi, thank you
I found both those pages using the googles
I am going to try it, but it's on a Linux system, so I need to add the Intermediate
since the example was for widows I am going to try

ssl_version = TLSv1_2
certificate = /usr/local/ncpa/var/wildcart.crt,/usr/local/ncpa/var/wildcard.key,/usr/local/ncpa/var/Geotrust_TLS_RSA_CA_G1.crt

Was my assumption correct, or does the intermediate go on a different line?

it doesn't like what I did

2019-03-27 17:42:44,735 6536 INFO started
2019-03-27 17:42:44,737 6536 INFO Using SSL version TLSv1_2
2019-04-17 16:13:24,686 6536 INFO stopped
2019-04-17 16:13:29,324 14116 INFO started
2019-04-17 16:13:29,326 14116 INFO Using SSL version TLSv1_2
2019-04-17 16:13:29,326 14116 ERROR too many values to unpack
Traceback (most recent call last):
File "ncpa_listener.py", line 80, in run
ValueError: too many values to unpack
2019-04-17 16:13:29,327 14116 INFO stopped

Ok, what I found was the first attempt failed because it did not like the intermediate, it would not even start
if I remove that NCPA starts but I have to use the hostname to get the Cert accepted
but now I have the valid cert from a CA on this one machine

Thank you
you can close this

Hi @jenstar13,

Thanks for update on the solution. Glad you got it working.

Closing. Thank you for using the Nagios Support Forum.