Page 1 of 1
Observing SSL connection error on cloud Nagios
Posted: Tue Nov 02, 2021 2:57 am
by Amit_Alone
Hi Team,
We have Nagios cloud i.e., 5.8.6v installed on Azure cloud. We had successfully enabled the baseline monitoring for cloud servers and it's working as expected.
However, when we are tried to enable the URL monitoring it's giving SSL connection error. We have tested the URL on the same browser on which Nagios GUI is accessible and it's working as expected. But after configuring it's showing below error.
Code: Select all
[root@vlmazprdeu2nag2 ~]# /usr/local/nagios/libexec/check_http -H $$HOSTNAME$$.prod.cloud -f follow -I XX.XX.XX.162 -u "/quantum" -S -p 443
CRITICAL - Cannot make SSL connection.
139974179497904:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:769:
[root@vlmazprdeu2nag2 ~]#
[root@vlmazprdeu2nag2 ~]# /usr/local/nagios/libexec/check_http -H $$HOSTNAME$$.prod.cloud -f follow -I XX.XX.XX.162 -u "/quantum" -S --sni -p 443
CRITICAL - Cannot make SSL connection.
139680030042032:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:769:
Please assist me with the error
Re: Observing SSL connection error on cloud Nagios
Posted: Tue Nov 02, 2021 2:06 pm
by gsmith
Hi
Please try this:
Code: Select all
/usr/local/nagios/libexec/check_http -H $$HOSTNAME$$.prod.cloud -sni -f ok -I XX.XX.XX.162 -u "/quantum" -S 1 -p 443
If that doesn't work please provide the output from it, as well as the output of this command that you
need to enter on the command line of the Nagios server:
Code: Select all
curl -v -L https://HOSTNAME.prod.cloud/quantum
Thanks
Re: Observing SSL connection error on cloud Nagios
Posted: Wed Nov 03, 2021 1:17 am
by Amit_Alone
I have executed the shared command and it didn't work.
Code: Select all
[root@vlmazprdeu2nag2 ~]# /usr/local/nagios/libexec/check_http -H $$HOSTNAME$$.prod.cloud -sni -f ok -I XX.XX.XX.162 -u "/quantum" -S 1 -p 443
CRITICAL - Cannot make SSL connection.
139667669346224:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:769:
[root@vlmazprdeu2nag2 ~]# curl -v -L https://$$HOSTNAME$$.prod.cloud/quantum
* About to connect() to $$HOSTNAME$$.prod.cloud port 443 (#0)
* Trying 10.18.76.125...
* Connection timed out
* Failed connect to $$HOSTNAME$$.prod.cloud:443; Connection timed out
* Closing connection 0
curl: (7) Failed connect to $$HOSTNAME$$.prod.cloud:443; Connection timed out
[root@vlmazprdeu2nag2 ~]#
Re: Observing SSL connection error on cloud Nagios
Posted: Wed Nov 03, 2021 9:12 am
by gsmith
Hi
The curl command shows that the Nagios server can't connect to 10.18.76.125 on port 443.
From the Nagios server please try:
Thanks
Re: Observing SSL connection error on cloud Nagios
Posted: Wed Nov 03, 2021 10:44 am
by Amit_Alone
Please find o/p of the requested command.
Code: Select all
[root@vlmazprdeu2nag2 ~]# ping 10.18.76.125
PING 10.18.76.125 (10.18.76.125) 56(84) bytes of data.
64 bytes from 10.18.76.125: icmp_seq=1 ttl=124 time=331 ms
64 bytes from 10.18.76.125: icmp_seq=2 ttl=124 time=322 ms
64 bytes from 10.18.76.125: icmp_seq=3 ttl=124 time=323 ms
64 bytes from 10.18.76.125: icmp_seq=4 ttl=124 time=333 ms
64 bytes from 10.18.76.125: icmp_seq=5 ttl=124 time=323 ms
64 bytes from 10.18.76.125: icmp_seq=6 ttl=124 time=323 ms
64 bytes from 10.18.76.125: icmp_seq=7 ttl=124 time=322 ms
64 bytes from 10.18.76.125: icmp_seq=8 ttl=124 time=322 ms
^C
--- 10.18.76.125 ping statistics ---
8 packets transmitted, 8 received, 0% packet loss, time 7008ms
rtt min/avg/max/mdev = 322.074/325.206/333.616/4.357 ms
Re: Observing SSL connection error on cloud Nagios
Posted: Wed Nov 03, 2021 4:00 pm
by gsmith
Hi
That looks good - thanks.
From a command line on the Nagios XI server please run:
Code: Select all
/usr/local/nagios/libexec/check_http -H hostname.prod.cloud -S
note: the -S is an uppercase S
Thanks
Re: Observing SSL connection error on cloud Nagios
Posted: Wed Nov 03, 2021 10:12 pm
by Amit_Alone
O/p of the requested command. I tried replacing hostname with IP still observing the same.
Code: Select all
[root@vlmazprdeu2nag2 ~]# /usr/local/nagios/libexec/check_http -H $$HOSTNAME$$.prod.cloud -S
CRITICAL - Socket timeout
Re: Observing SSL connection error on cloud Nagios
Posted: Thu Nov 04, 2021 9:55 am
by gsmith
Hi
From the Nagios server run:
If it doesn't say open then you need to check for a firewall on 10.18.76.125.
Do you have access to 10.18.76.125 ? If so run from the command line of 10.18.76.125:
If you don't have access to 10.18.76.125 talk to the administrator for
that machine and tell him you need access to port 443 from you Nagios server.
Thanks