AD with SSL/TLS unable to authenticate
Posted: Wed Sep 23, 2020 6:01 pm
Setting up AD to import users. Configured without encryption, it works fine. When I turn encryption on, I get the following error:
Unable to authenticate: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed (unable to get local issuer certificate)
I know this is a certificate error. I've uploaded certs for the CA, Root CA, and Domain Controller, but I always get that error. We have a Root and Sub CA configuration in a Windows environment. I've also tried uploading the chain both in one and individually, with no luck.
I found a similar thread where this was being asked to be run:
openssl s_client -showcerts -connect x.x.x.x:636 </dev/null
I did that and got back the certificate chain from the AD server. From an eyeball perspective they look correct, both from the server and what's installed under Nagios.
I set up debugging in the PHP file that is in the Nagios guide, but when I tail the Apache error log there are no new entries being entered. I've restarted httpd and rebooted the server with no change in the logging.
Any help would be greatly appreciated.
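A mechanical alternative to comparing the chain by eye, as an added example that is not part of the original post: it builds a constructed root CA, sub CA and server certificate (all names and file names are made up), then verifies the server certificate first against the root alone and then against a root-plus-sub bundle. With the sub CA missing, `openssl verify` reports the same "unable to get local issuer certificate" error quoted in the post.

```bash
#!/usr/bin/env bash
# Constructed demo PKI (root CA -> sub CA -> server cert); every name here is made up.
W=$(mktemp -d)
printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign,cRLSign\n' > "$W/ca.ext"

new_csr() {  # new_csr <name> <CN>: writes <name>.key and <name>.csr
  openssl req -new -newkey rsa:2048 -nodes -keyout "$W/$1.key" \
    -out "$W/$1.csr" -subj "/CN=$2" 2>/dev/null
}

build_demo_pki() {
  new_csr root "Demo Root CA" && new_csr sub "Demo Sub CA" &&
    new_csr dc "dc01.example.test" || return 1
  # Self-signed root, sub CA signed by the root, server cert signed by the sub CA.
  openssl x509 -req -in "$W/root.csr" -signkey "$W/root.key" -extfile "$W/ca.ext" \
    -days 30 -out "$W/root.pem" 2>/dev/null &&
  openssl x509 -req -in "$W/sub.csr" -CA "$W/root.pem" -CAkey "$W/root.key" \
    -CAcreateserial -extfile "$W/ca.ext" -days 30 -out "$W/sub.pem" 2>/dev/null &&
  openssl x509 -req -in "$W/dc.csr" -CA "$W/sub.pem" -CAkey "$W/sub.key" \
    -CAcreateserial -days 30 -out "$W/dc.pem" 2>/dev/null &&
  cat "$W/sub.pem" "$W/root.pem" > "$W/chain.pem"   # bundle holding both CAs
}

# verify_with <trust file> <cert>: prints openssl's verdict, returns its exit status.
verify_with() { openssl verify -CAfile "$W/$1" "$W/$2" 2>&1; }

# issued_by <cert> <candidate issuer>: true when the cert's issuer-name hash equals
# the candidate's subject-name hash, i.e. the names link up in the chain.
issued_by() {
  [ "$(openssl x509 -noout -issuer_hash -in "$W/$1")" = \
    "$(openssl x509 -noout -subject_hash -in "$W/$2")" ]
}

build_demo_pki || { echo "openssl failed to build the demo PKI" >&2; exit 1; }
echo "--- trust store holds the root only ---";  verify_with root.pem dc.pem
echo "--- trust store holds root + sub CA ---";  verify_with chain.pem dc.pem
issued_by dc.pem sub.pem && echo "dc.pem names sub.pem as its issuer"
issued_by dc.pem root.pem || echo "dc.pem does not name root.pem as its issuer"
```

The same `issued_by` comparison can be run on the PEM blocks saved from the `openssl s_client -showcerts` output and on the files uploaded to the trust store, which shows whether each certificate's issuer name has a matching subject in the store.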